How businesses can stay vigilant in periods of increased global cyber riskBen Gittins
Ever since the widespread adoption of the internet, there have been periods of time where businesses have faced increased cyber risk. Some examples within the last 5 years include the WannaCry ransomware attacks in 2017 and the SolarWinds malware attack in 2020. With Russia’s recent assault on Ukraine, the UK has entered another period of increased cyber risk. Currently there have been no known attacks on UK businesses, however the National Cyber Security Centre (NCSC) has provided guidance for UK businesses to improve their security posture in response to the increased cyber risk. In this article we discuss the potential risks facing businesses, and what they can do to remain vigilant and reduce the chance of falling victim to an attack.
Potential risks businesses face
Businesses are constantly at risk of falling victim to a cyberattack. In 2021, 4 in 10 UK businesses reported having cybersecurity breaches or attacks, with phishing attacks being most common.
With the current state of increased cyber risk, businesses are more likely to become collateral damage as targeted malware spreads to other businesses. This was the case with the 2017 NotPetya ransomware attacks. During this time, Russia targeted Ukraine’s financial, energy and government institutions with an advanced ransomware. Due to the indiscriminate design of the ransomware, it also spread to machines in the United States, United Kingdom, Australia, and many other countries. It is possible a similar scenario could play out, and for this reason, businesses should take steps to improve their security posture.
What else businesses can do to remain vigilant
The NCSC has provided a list of actions that they recommend organisations to ensure basic cybersecurity hygiene controls are in place and functioning properly.
This guidance is essential for all businesses, however there is more that businesses can do to bolster their security strength. We recommend that all businesses deploy additional security features regarding email security, backups and disaster recovery and employee education and awareness.
As email is the number one attack vector, it is essential that businesses do everything they can to decrease the chance of falling victim to a phishing attack. There are many ways that cybercriminals use email to launch a cyberattack, however thankfully a comprehensive email security solution can stop malicious emails before they even land in an employee’s inbox. Businesses should always seek email security solutions that also include URL and attachment protection to thwart business email compromise attacks.
It should also be noted that during periods of unrest, it is common to see phishing attacks link to malicious websites masquerading as news sites, or even charity donation sites. A comprehensive email security solution should stop these. However, it is important that employees are educated on common cyberattacks and scams to reduce the chance of falling victim to an attack, both at work and at home.
Employee Education and Awareness
There are many software solutions designed to stop cyberattacks in their tracks, however a key component of how businesses can remain vigilant in periods of increased global cyber risk is by providing their employees with cybersecurity training. Cybersecurity training encourages employees to understand the cybersecurity threat landscape, how to identify security risks, and the process of reporting potential cyberattacks or poor security practices. Effective cybersecurity training can decrease the chance of a business falling victim to a cyberattack, whilst developing a positive security culture within a business.
As all employees have some level of access to company data, they all play a role in protecting the business from a cyberattack. When designing cybersecurity training, businesses must cover enough information to give employees the tools required to identify potential attacks, without going into too much detail and confusing the audience. Some topics that should be covered include phishing attacks, social engineering attacks, password hygiene and how to stay secure when working in the office or remotely.
Backup and Disaster Recovery
As the most likely scenario is a widescale ransomware attack, it is essential that businesses have a tried and tested method of disaster recovery. Even if a business does pay the ransom after falling victim to an attack, typically they can only recover 65% of their data. In order for businesses to limit the downtime after an attack and increase the likelihood of being able to recover 100% of their data, they should make use of a comprehensive backup solution. Data should be backed up on a frequent, regular basis, with copies stored offsite to ensure they cannot be affected by ransomware. These backups should also form part of a larger disaster and incident recovery plan.
How we can help
As an organisation HAYNE have always followed the concept of security in-depth and continue to adapt to an ever-changing security landscape by incorporating fundamental principles such as the rule of least privilege, role-based access controls and and assume breach, the latest being that of zero trust.
HAYNE are registered with the NCSC early warning service and continually research the latest security trends, emerging threats and new approaches to managing security, in order to bring greater awareness to the business as a whole.
As a Cloud Solution provider and managed service provider, security is of even greater importance, as HAYNE not only has a duty of care to our own business but also that of all our customers.
One of the reasons HAYNE adopted Microsoft Azure as the platform of choice for customers, was the rapid rate of development and specifically the significant investment in security with the resultant introduction of new capabilities and services to improve the security posture.
New security capabilities are routinely introduced onto the Microsoft Azure platform, as a value-add Microsoft partner HAYNE seek to implement many of these for customers as part of ongoing development, thereby either improving the overall security posture or the security optics and proving greater insight into security related events, which in turn allow HAYNE to respond more quickly to emerging threats.
Although the world is in a period of increased global cyber risk, there is no need for businesses to panic. It is most important that all businesses implement the basic cybersecurity hygiene controls recommended by the NCSC.