
Tag: cyber security

AI this, AI that. But how does it actually help make your company more secure?

We’re all seeing what AI can do, and we’re at various stages of adoption. But cutting across the noise of the “concept”, how can AI tangibly make your business more secure?

Threat detection and intelligence are crucial functions of security. They overlap and feed each other, but they are separate entities with distinct functions. Incident response (IR) is another aspect, which will be discussed in a separate article.

So where is AI most powerful?

There are four big things going on in your threat detection and intelligence systems:

Predictive analytics: This operation attempts to predict future threats by analysing historical threat data using Machine Learning (ML) to learn from large datasets and identify complex patterns. GenAI contributes to predictive analytics by using historical and synthetic (fake) data to simulate future attack scenarios. This is useful for predicting future threat vectors and anticipating attack trends.

Behavioural analytics: This is like predictive analytics but focuses on user behaviour. Unusual user behaviour may reveal potential threats that standard security protocols miss. Machine learning automates the data analysis and identifies anomalies that might indicate a security threat. These anomalies could be very subtle and easily missed in manual reviews. GenAI models normal and abnormal behaviours to improve the analysis and better distinguish between harmless and malicious activities. Behavioural analytics helps detection systems identify insider threats and compromised accounts.

Anomaly detection: This component monitors the network for unusual patterns or behaviours that deviate from the norm. ML improves the system by learning from known data and adjusting to new types of anomalies over time. GenAI creates synthetic anomalies to improve detection models and make the system more resilient to new threats. Zero-day attacks and unusual login patterns might be detected here.

Pattern recognition: As you may expect, this identifies regular patterns or structures in data, which helps classify and detect known types of cyberthreats. Machine learning automates this process and improves the accuracy of recognition. GenAI creates new patterns of attack simulations to improve learning. This may be used to classify types of malware, identify threat actor relationships, or recognise spear-phishing campaigns.

Want to learn more?

Complete IT Systems have a team of Barracuda specialists on hand to demo the solution, discuss business benefits and help you understand how the technology works for your organisation.

To get in touch or request a demo please contact us.

The MGM cyber attack and your business

The MGM network was recently hit by a social engineering-style cyber attack. After gaining entry, the threat actor escalated to administrator privileges in Okta and even global administrator privileges on MGM’s Azure tenant, collecting and dumping passwords along the way.

In response to the breach, MGM unsuccessfully attempted to shut down network access to sensitive devices. After MGM elected not to pay the ransom, the hackers launched BlackCat ransomware to cause widespread destruction and disruption.

▶ Read this article from Barracuda to find out the recommendations for your business to solve increasingly creative and aggressive ransomware attacks.


The new ABCs of application security

Over the past few years, the threats to applications have multiplied, and newer, more dangerous attack vectors have emerged.

Read our partner Barracuda’s complimentary e-book ‘the new ABCs of application security’ for an in-depth look at three critical attack vectors – API vulnerabilities, bot attacks, and client-side attacks – as well as how you can fill the gaps in your application security and protect your business against these evolving threats. Discover:

  • The challenges of deploying and defending APIs, a prime target for attackers because of their direct access to critical data
  • The importance of detecting and blocking advanced persistent bots that perform account takeover, credential stuffing, and other malicious attacks
  • The technologies being used to fill client-side security gaps and successfully protect against supply-chain attacks


The main features of the Kaspersky Endpoint Security Cloud

In our previous article, we looked at the benefits of the Kaspersky Endpoint Security Cloud. Here, we look in more detail at some of the key features of the products.

Prevent threats and keep your business running

The Kaspersky solution offers endpoint protection from the most tested, most awarded security vendor. You can protect Windows desktops and file servers, Mac OS workstations, iOS and Android smartphones and tablets, as well as offering your users secure Microsoft Office 365 communication and collaboration platforms.

Compensate for lack of IT resources and budget

  • Hosted in the cloud. No need for hardware and software procurement, provisioning and maintenance
  • Instant protection with pre-defined security policies developed by our professionals
  • Available on a monthly subscription to free up financial resources

Gain cloud visibility

  • Shadow IT discovery to reveal uncontrolled sharing of corporate data in the cloud as well as users wasting time on social media and messengers.
  • Block user access to unnecessary or unauthorised cloud resources, keeping your data secure and your colleagues focused and productive.

How to get started – try it FREE for 6 months!

To support remote working in this challenging time, we’re also offering 6 months’ FREE protection with the very latest version of Kaspersky Security for Microsoft Office 365.

This extends protection for SharePoint Online and Microsoft Teams, securing all collaboration and messaging channels within Microsoft Office 365.

Sign up NOW for a FREE 6-month license and take protecting remote workers and business data off your to-do list.

Want to find out more?

As Kaspersky Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

 

How to secure data on Microsoft Office 365

Although it may be tempting to think that with data in the cloud your business isn’t susceptible to data loss, it’s still vital to add an additional security layer to protect email from spam, phishing, ransomware and other advanced cyber threats. In fact, nowadays malware is usually sent via email and hosted on cloud storage platforms.

Protecting even a cloud-oriented business from known and unknown threats is therefore critical in order to instantly stop the spread of malicious software, phishing, ransomware, spam and business email compromise (BEC) – and best of all requires no high-tech skills.

What’s the solution?

With Kaspersky Security for Microsoft Office 365, your company can protect Exchange Online, OneDrive files, SharePoint files, and Teams files against malware, phishing, spam, and other threats.

 

Make use of the most sophisticated technologies for your security and at the same time enjoy a quick start thanks to predefined policies and auto configuration.

Get a 6 month FREE trial!

To support remote working in this challenging time, we’re offering 6 months’ FREE protection with the very latest version of Kaspersky Security for Microsoft Office 365. This extends protection for SharePoint Online and Microsoft Teams, securing all collaboration and messaging channels within Microsoft Office 365.

Kaspersky Security for Microsoft Office 365 uses advanced heuristics, machine learning and other next-generation technologies to protect your communication and collaboration processes from ransomware, malicious attachments, spam, phishing (including Business Email Compromise) and unknown threats.

Sign up NOW for a FREE 6-month license and take protecting remote workers off your to-do list.



90% of malware is delivered via email. Is your business email secure?

Malware and email go together, unfortunately, like bread and butter or hand and glove. In fact, the connection is so strong that over 90% of all known malware has been found to be delivered into companies via email.

And there’s even worse news for IT managers and systems administrators. Here are some of the main points from the Cofense State of Phishing Defense report:

  • The average user / employee doesn’t go two full days between receiving phishing messages
  • More than 50% of phishing messages have the word “invoice” in the subject line
  • 21% of malicious emails carry harmful attachments or phishing-related malware

Given that this data was gathered over 135 million simulations, 800,000 emails and 50,000 actual phishing campaigns targeting companies in 23 industries, the threat is obviously a real one.

Protect your business email with a 6 month FREE Kaspersky trial!

To support remote working in this challenging time, we’re offering 6 months’ FREE protection with the very latest version of Kaspersky Security for Microsoft Office 365. This extends protection for SharePoint Online and Microsoft Teams, securing all collaboration and messaging channels within Microsoft Office 365.

Kaspersky Security for Microsoft Office 365 uses advanced heuristics, machine learning and other next-generation technologies to protect your communication and collaboration processes from ransomware, malicious attachments, spam, phishing (including Business Email Compromise) and unknown threats.

Sign up NOW for a FREE 6-month license and take protecting remote workers off your to-do list.

Why Kaspersky?

  • Prevent threats and keep your business running
  • Endpoint protection from the most tested, most awarded security vendor
  • Protect Windows desktops and file servers, Mac OS workstations, iOS and Android smartphones and tablets
  • Secure Microsoft Office 365 communication and collaboration


References:

https://www.darkreading.com/attacks-breaches/most-malware-arrives-via-email/d/d-id/1333023

https://cofense.com/state-of-phishing-defense-2018/

Coronavirus and cybersecurity – what’s the impact in the UK?

Arguably, the cyber security industry has never had a more important role to play than keeping mission-critical organisations and agencies safe from cyber attacks during the COVID-19 pandemic.

And this is especially true for the UK, which has by far the highest number of reported instances in the world of malicious spam emails with ‘coronavirus’ in the subject line.

This article was previously published here. On our COVID-19 resource hub, we have a range of cyber security options and services to keep your business’ valuable data safe on cloud applications, including BitDam for Microsoft Teams and Zoom, Barracuda firewalls, and Datto SaaS Protection for Office 365.

Cyber threat actors are actively attacking the World Health Organisation (WHO) and there has been a rise in scams touting fake cures for the novel coronavirus, said Paul Dwyer, CEO of Dublin-based Cyber Risk International, which specialises in developing corporate cyber defence programs. Dwyer was the guest on this week’s edition of Task Force Seven Radio, with host, George Rettas, the president and CEO of Task Force Seven Radio and Task Force Seven Technologies.

At the same time as the attacks are occurring, “we’re also seeing the ingenuity, the collaboration, the people putting egos to one side and just trying to work together to come up with solutions,’’ said Dwyer, who is also president of the International Cyber Threat Task Force.

He said cyber security professionals play an integral role in helping find a cure for the coronavirus. “At the end of the day, the solution is going to come from a line of code or some sort of system that has been supported from an IT perspective, and that means that it has to be secure,’’ Dwyer said.

There is also a realisation “that national borders don’t matter anymore,’’ he said. “It’s about humanity being connected and trying to deal with this threat, and the solution will lie in the ability to be able to communicate effectively, to be able to analyse data, to be able to distinguish between fake and real and be able to end this. I do believe it’s bringing out the best and the worst in people.”

Noting that there is a huge focus on hand washing right now, Rettas asked Dwyer to discuss the parallels that can be drawn between that and good cyber hygiene.

Just as there are contagion factors that can be caused by someone who is infected with the coronavirus, Dwyer said, a system can be infected with malware when basic controls such as patching and applying updates are not practised.

One small player can cause a widespread cyberattack, Dwyer said.

“I’m unfortunately putting out a bit of a negative message, a warning, to people saying all these bad guys … have been holding off,’’ he said. Then he issued a dire prediction.

“The big one is going to happen in relation to the financial sector in particular, because [hackers are] highly organised … The general defences of cyber hygiene stops most attacks as we all know, but the big organised guys — we can see that they’re rubbing their hands and they’re getting ready to make moves and more sophisticated moves on the larger targets.”

But beyond the financial sector, Dwyer said he believes healthcare remains a big target too.

The Geopolitics Of Cyber Security

The conversation then turned political and, after Dwyer mentioned he has interviewed National Security Agency whistleblower Edward Snowden, Rettas said he couldn’t “squander the opportunity” and asked Dwyer for his thoughts about Snowden’s actions.

“I think he did the world a favour,’’ Dwyer replied. “I’ve interviewed him twice. Supremely nice and intelligent guy … I understand his motivations and his passion.”

Dwyer went on to say that Snowden brought “attention to the fact that things were going on that shouldn’t be going on,” and that “he’s done the world a favour and he’s given us a chance to reflect upon privacy,” which he said he advocates for.

In response to a question by Rettas about Snowden’s future, Dwyer said he believes he’s willing to come back to the US “as long as there’s a guarantee that he won’t be tortured.” He added that depending on who becomes president after the 2020 election, he might even be pardoned.

Rettas then pivoted the conversation back to the fact that geopolitics plays a big role not only in issues like that, but in the country’s response to the COVID-19 virus as well. He asked whether it’s important for a CISO to understand geopolitics.

Dwyer responded that it absolutely is and noted that a lot of hackers’ actions are motivated by “national pride.”

He likened hackers to “being on the Olympic team of their country,” and said that “when we saw lots of hacking coming in from China and … still do obviously, a lot of this was about nationalistic pride. It wasn’t about making money. It wasn’t about scam artists … whether it was Russia, whether it was Nigeria, a lot of it was just about nationalistic pride.”

Dwyer also said he thinks in every crisis and every challenge, there’s an opportunity, and the COVID-19 virus presents both.

When he founded the International Cyber Threat Task Force, he said that “one of the goals was to form an organisation where all the good guys can work together” and share knowledge with “the right kinds of people” and train together with the goal of disrupting cyber attackers.

CISOs And Risk Management

Rettas noted that Dwyer advises CISOs all over the world, and that risk is a big part of their jobs, “but effective CISOs really map the residual risk of controls back to their business objectives.” This is a language that corporate boards understand, Rettas pointed out, and it also helps the CISO gain credibility. He asked Dwyer to discuss how a CISO determines what metrics should be communicated to the board and how the net message should be crafted? And, if a CISO is not a risk professional, can they even do their job?

Dwyer said that meaningful metrics are when a CISO is able to tie any residual risk identified back to the key objectives of the business. “So, if the business objective is it wants to roll out a new app or it wants to get X thousand customers onto an online system, and you’ve identified that there are cyber risks around that and you’re able to quantify those — not subjectively, but empirically actually put numbers on those and have science behind it — then the business will eat that up.”

The solution, he continued, “is to marry the principles of security risk management.” That means having security practices around confidentiality, integrity, and availability, and incorporating them into a risk management program that the business will understand, he said. To make this happen, CISOs absolutely have to understand the business they are in, Dwyer stressed. It’s not enough to say, “Oh, I’m business aligned. They don’t even know what business aligned means,” he said.

Admitting that what he was about to say makes him “lose friends,” Dwyer then posited that “cybersecurity doesn’t belong to the CISO. It belongs to the CEO … I always feel that cybersecurity should be integrated as part of the enterprise risk management program.”

And, he added that a CISO should not be working under the CIO since they’re trying to innovate and keep systems running.

A CISO should report to the enterprise risk manager, and ultimately, the executive board and the CEO, Dwyer said.

At the end of the day, the CISO “is as much a salesperson as a politician, as a subject matter expert. And it’s a business leader position,’’ he said. “That person needs to be able to sell ideas within the organisation … be able to collaborate, be able to join people together with different opinions, to be able to support and understand the business model.”

A CISO is “sometimes a person with a big personality, sometimes a person that’s good with people, a good communicator, good business [savvy],’’ he added. “They’re very important skills that a CISO should have.”

Help during the COVID-19 crisis

The expert team at Complete IT Systems are publishing a series of guidance and tips to help you and your business through this situation. This covers all aspects of quickly providing safe, comfortable and efficient home offices for your users, including data security, collaboration tools, laptops, desktops, print and consumables, support for critical IT tasks, and more. Click here for our central COVID-19 resource hub.

 

Ransomware in numbers for UK SMBs

With the recent spate of ransomware attacks in the UK proving that the threat hasn’t subsided, it is likely a good time to re-think your company’s IT security plan. To this end, we’ll be blogging over the coming weeks about the extent of the problem, the increasing creativity of hackers, the risks and exposure businesses face if ill-prepared, and some practical measures you can adopt to assess and safeguard your business against such a scenario.

What’s the impact of ransomware?

To kick off our series, we start with 10 key stats about how ransomware affects small businesses in the UK.

  1. Ransomware remains the most prominent malware threat to SMBs, with 83% reporting it as the most common security threat
  2. In the first half of 2019 alone, 61% of MSPs report attacks on their clients, with 19% reporting multiple attacks in a single day.
  3. On average, 2 in 5 SMBs report that they’ve fallen victim to a ransomware attack. SMBs with in-house IT teams are at greater risk
  4. When it comes to the ransomware threat, there is a disconnect between service providers and SMBs. 82% of MSPs are “very concerned” about the ransomware threat and 8% report their SMB clients feel the same.
  5. Phishing emails are the leading cause of successful ransomware attacks.
  6. Lack of cyber security education, weak passwords, and poor user practices are among the other top causes of attacks
  7. The aftermath of a ransomware attack can be a nightmare for any business. Almost 50% of victimised clients experienced business-threatening downtime.
  8. The average ransom requested by hackers is increasing. The average requested ransom for SMBs is now £1,990.
  9. This comes as downtime costs are up by 300% year-over-year, and the cost of downtime is 53X greater than the average ransom requested in 2019.
  10. 81% of SMBs with backup and disaster recovery (BCDR) solutions in place are less likely to experience significant downtime during a ransomware attack. And victimised SMBs with BCDR in place recovered from the attack in 24 hours, or less.

This data is taken from a 2019 Datto study into how ransomware is affecting SMBs in the UK.

In our next article, we’ll look in more detail at how UK SMBs can plan for and prevent ransomware attacks.

How can I find out more?

As Datto Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.


Business IT security – the challenges & solutions

Small and medium sized businesses are exposed to the same cyberthreats as everyone else is, and they need protection. But we get it – it’s not easy striking the right balance with your cyber defences; consumer cybersecurity products are insufficient, and yet enterprise solutions are too costly and complicated.

Small business IT security

At best, a small or medium-sized business might have an IT team including someone who is responsible for cybersecurity. But IT is a lot more than cybersecurity, and one person doing it all cannot devote much time to managing a heavy security solution. However, even that is a best-case scenario for small business IT security. According to our research, some businesses dedicate the role of security management to non-specialist internal staff — and some companies have no cyber security function at all.

In the age of cyber attacks targeting everything from networks to USB sticks, it’s not an option to leave your business unprotected.

I’ve seen the news, but why is cyber security so important to my small business?

Businesses of all sizes can fall prey to a variety of malware and social engineering attacks such as phishing. Here are some of the business assets that it’s wise to protect when thinking about your small business IT security strategy.

Your money

Financial fraud is still one of the most damaging types of attacks. Our solutions have a Safe Money subsystem that can protect your finances from scammers. It ensures that you access only genuine, secure financial sites, and it protects your financial data from unauthorised applications and unsafe browser extensions.

Your data

Your business information is another primary target for cybercriminals. That is why our solutions allow encryption of files and folders, and also include an automated backup and restore feature to protect your data from cryptomalware.

Your software

Our solution can help keep your business applications up to date. By running a scheduled search for application updates, it decreases the risk of cybercriminals exploiting unpatched application vulnerabilities.

Your passwords

Part of our small business solutions is a module called Password Manager, which can store passwords, bank account details, document scans, and text notes in a secure vault.

Your server

In case you need it, the Small Office Security feature can be installed on the server and protect it as well as a workstation.

So what’s the solution? Is there one?

The good news is that SMB IT security is made easier with the right solution.

Based on the above, Kaspersky’s small business solutions are tailored to provide the following benefits:

  • Efficiency
  • Simple deployment
  • Easy management
  • Intuitive interface
  • Nothing in excess

As a result, you do not need to be a security specialist or even an IT professional to install or manage Kaspersky Small Office Security. The small business IT security solution provides out-of-the-box protection from most relevant cyberthreats and can be managed by almost any office employee (or ourselves at Complete IT Systems if you prefer). The Web console provides all information necessary for managing cybersecurity: information about licenses, users, devices, product versions, and so on. The main protective subsystems do not need much attention, so your employees can concentrate on their day jobs instead.


Want to find out more?

As Kaspersky Platinum Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

The small hero of local storage

Down to earth, solid and secure

Keeping your organisation’s data in the Cloud isn’t always the only or the right option. It’s more about finding an approach that suits you.

A survey in various countries across Europe has revealed that despite the opportunities that the Cloud offers, about 90% of employees still use USB drives to transport data. This is for good reason, as USB drives:

  • Allow you to work independently without the need for internet & Cloud access
  • Require a one-off investment only and don’t require any maintenance
  • Don’t need a lengthy set-up and contract

The nuclear option!

Yet we also know that many organisations lock down USB ports and ban their employees from using them. This isn’t always a sensible solution, as it limits flexibility and can encourage employees to search for workarounds such as private email or Cloud services.

Smart alternatives to the nuclear option of locking down USB ports include:

  • Rolling out encrypted USB drives company-wide to provide your users with the secure file sharing solutions they need to do their job quickly and effectively
  • Integrating encrypted USB drives into your company’s security strategy and architecture via endpoint management
  • Educating your employees on data security and training them on how to use USB drives securely

Kingston’s encrypted USB drives come with a variety of customisation options that make them fit with your organisation’s security needs, strategy and policies.

How we can help

Complete IT Systems and Kingston Technology have the solutions, experience, accreditations and skills to provide your business with the security solutions you need. For more information call us on 01274 396 213 or contact us and we can call you back.