Online security risks and how to reduce them
Nick Brandon from tecwork explains the impact of cyber threats and how local firms can benefit from his business’s help…
How serious a problem are Cyber threats for a typical small business or organisation?
Unfortunately, very serious. Most cyber criminals are indiscriminate. They don’t care how big or small you are or what type of organisation you are. If a vulnerability is found, it can be exploited and this can have very serious consequences – in some cases it has been the end of that business or organisation. In most cases it isn’t of course but it can still be expensive and disruptive. What is often worrying is what we see on a daily basis when dealing with new customers for the first time.
Tell us about typical threats and how they manifest themselves?
There are lots of different threats unfortunately. The most common threat is through emails where a criminal will send an email containing links which, once clicked, will infect a computer device with a virus or ransomware software which can delete data, or collect usernames and passwords. There are others of course, like routers, firewalls, servers and even website URLs with weak login and password information. Also, using old and supported software in the organisation can become a vulnerability – remember the NHS and their Windows XP problems?
What types of things can be done to minimise the threats of cyber attacks?
One of the best things is for an organisation to register for Cyber Essentials. In its standard form this is the UK Government’s benchmark accreditation and comes in the form of a self-assessment which asks lots of questions about the technical set up in the organisation. For some time now, we have been doing these assessments for customers and highlighting any ‘gaps’ or action points so the necessary actions can be taken to pass the accreditation. Then our tech team will fill the gaps and the accreditation is gained.
Can you tell us more about the Cyber Essentials software?
Amazingly, only around 15% of organisations know about it but essentially it is a Cyber Security MOT. It is something that needs to be renewed every year. Like an MOT, throughout the year, any changes to your IT set up should be made in line with Cyber Essentials. An advanced Cyber Essentials Plus accreditation can be attained for those organisations that want more advanced assessment (often to qualify for government contracts or to qualify for business insurance).
What about Virus and Malware detection software – isn’t that supposed to protect people?
Yes it does but it only goes so far. Using tools like Guardz we can very quickly uncover areas for improvement using AI. We can generate a Risk Assessment report, on a domain for example, which can highlight problem areas and even monetises the ‘potential loss’.
Several tools including Guardz, for example, can also be installed into the organisation to help protect all aspects of an organisation’s technology on an ongoing basis from a single viewpoint.
If someone reading this wants more information or help, what is their next step?
We will be at the Tunbridge Wells Business Show on November 7 at Salomons Estate, from 10am to 3pm.
For anyone attending our stand at the show, we can run a free Risk Report, on their domain, for example, which is a good starting point. The reports can take several hours so we are asking people to contact us in advance with their details so we can have the report ready at the show to discuss. We will also be demonstrating some of the clever features available from tools like Guardz as well as other tech.
Contact tecwork in advance by emailing helpme@tecwork.co.uk or calling 01892 578666. Or visit www.tecwork.co.uk