Why multi-faceted cyber-attacks need a multi-faceted approach to cyber-security

Even before the coronavirus sent us into lockdown, cyber-attacks were rising.  In fact, on day three of the lockdown, the UK Government’s Department for Digital, Culture, Media & Sport published its 2020 Cyber Security Breaches survey.  Amongst its conclusions were that cyber-attacks have continued to evolve and become more frequent.

Also, whilst engagement in cyber security at the board room level is increasing, data breaches still pose considerable risk and incur substantial costs.  Indeed, almost half of businesses (46%) and a quarter of charities (26%) reported having cyber security breaches or attacks in the previous 12 months.

Since March, there has been a substantial increase in the prevalence of cyber-attacks and scamming.  In June 2020, Action Fraud stated that 16,300 cases had been reported over the lockdown period, with there being an onslaught of phishing attempts, paired with increasing sophistication of ransomware and Trojan attacks.

At NVT Group, we have been keen to raise awareness of the problem and that’s why, over the past twenty weeks, we have consistently advocated that businesses of all shapes and sizes should be strengthening their cyber security procedures, in spite of any temptation to do the opposite.

Now that businesses are taking measures to go back to office based working, we are doubling down on the messaging even further with our “don’t slack because you’re back” campaign.  That’s because time is undoubtedly a cyber-criminal’s friend.  During lockdown, hackers will have been using their time wisely, honing their craft and designing even more effective ways to target businesses who might have taken their eyes off the ball.

Worryingly, research published by Mintel [IT Services Market, UK – February 2020] states that, whilst the UK computer security market is seen as one of the largest in Europe, it is believed that large gaps remain when it comes to spending on cyber defences.  Unfortunately, questions about spend were removed from the Cyber Security Breaches Survey for 2020, so we only have the 2019 statistics to use as an indicator.  However, the figures are stark, with 33% of all companies surveyed spending nothing on cyber security.

So, what is the best approach?

Unfortunately, there is no one-size fits all solution

First of all, it is important to remember that no solution in the world can offer a cast iron guarantee that your organisation will never become a victim of cyber-crime.  However, the fact that there are never any guarantees is not an excuse for inactivity.  When it comes to counteracting cyber-threats, the object is to mitigate the risk as much as possible using a layered approach to security that aims to boost your defences on multiple fronts.

So, what constitutes the best approach will naturally vary from business to business, depending on their unique set of circumstances.  At NVT Group, we believe that any approach should consider three crucial areas, i.e. ‘Education & Governance’, ‘Security Monitoring & Response’ and ‘Data Management & Backup’.

Education & Governance

We think that people and processes have a crucial part to play and should therefore be placed at the forefront of your overall cyber-defence strategy.  Our services in this area are fulfilled by our Blue Rock Cyber Defence business and they focus on raising staff awareness through training, introducing data handling policies that best protect company data and using ethical ‘white-hat’ hacking techniques to uncover security weaknesses at the end-user level.

For instance, our password security services will discover if your people are relying on passwords that are easy to crack and our simulated phishing services will show how vulnerable your organisation is to phishing attacks.  Meanwhile, our cyber awareness training aims to increase engagement across your organisation so that your people become your first line of cyber defence.

For more information on Blue Rock, visit the website, send an e-mail to info@bluerockcd.co.uk, or call Lorraine Mills on 0773 995 4441.

Security Monitoring & Response

The typical IT infrastructure is getting more and more diverse, with most organisations employing a hybrid environment of on-premise and cloud infrastructure, covering multiple operating systems and an extensive array of applications.  This exposes more points of entry for cyber-attacks, which we refer to as the Attack Surface Area’.  With the proliferation of remote working, the Attack Surface Area is currently wider than ever.

To address these threats, organisations require increased protection, improved detection and effective response if an attack does compromise one or more systems.

NVT Group’s ‘Concepta Security Services’ offering incorporates advanced monitoring, deep analytics, machine learning and automated response.  We utilise a number of different systems and processes to reduce the available avenues of attack.

To find out more, click here.

Data Management & Backup

Prevention is better than cure, especially when it comes to a data breach.  Nevertheless, you should give due care and consideration to how you will recover your data in the event of a catastrophic loss.

At NVT Group, our Viia cloud can be used as a data backup and disaster recovery solution.  You can use it to backup your servers, applications and endpoints with easy recovery, if it is ever required.  We also provide on-premise, in-cloud and/or cross-cloud replication and recovery services, using Viia’s UK based data centres.

Our handy infographic below summarises threats and our multi-faceted solution to tackling these.

Cyber security, IT all starts here…

Talk to us to undergo a full cyber security audit which takes into account your entire cyber security stance, assesses your level of risk and provides you with recommendations that are specific to your business.

Send an e-mail to info@nvt.co.uk to find out more.