“Here in the UK the crime you’re most likely to suffer is a cyber-crime” – Sir Jeremy Fleming, GCHQ Director.
It makes for a stark opening statement to any article, but there you have it. If any organisation should understand the threat landscape in the UK and across the globe, it’s GCHQ, so everyone should sit up and take notice when this sort of thing is released.
“If you’re in a boardroom then the risk that is very close to the top of your risk register if not at the top of your risk register is likely to be a cyber risk now.” My guess is that if an organisation is not thinking this way, then it should be.
The short version for UK SMEs is simply that you should be doing much more to defend yourselves. All cyber-threats are on the rise, especially ransomware given that it is so profitable for criminals, and unless organisations make and implement adequate plans now, then it will just be a matter of time before they fall victim.
There are many different ways to address the risks brought by cyber-crime, and the truth of the matter is that the best approach is to not put all your faith into just one defence, but rather to have several layers, all of which work together to produce your organisation’s cyber-hardening. To get to this point it is best to involve professionals in the field, so that you get the best advice; given that this is a rapidly changing threat environment you are unlikely to be able to get to this point unaided.
That being said, what would I recommend as a default starting point for a small to medium sized organisation?
- KnowBe4 – Ongoing security training for your members of staff. This is now a compulsory for organisations in many verticals, and as such should be considered as very important by all organisations.
- Heimdal Security – Heimdal provides security software covering everything from antivirus / antimalware, through to some rather specific threat responses. One module which every organisation should have is a module which is the ransomware last line of defence: The Ransomware Encryption Protection module. It literally prevents your data from being encrypted by ransomware. If all other defences have failed, and the ransomware tries to run, it simply cannot encrypt your data.
- Hornetsecurity – Sitting between the internet and your email, this service helps to filter the dangers out of your email before they reach you.
- Keeper Password Manager – An intuitive service for helping users look after their passwords for all online activity. This is a security must-have for the modern online worker.
- Redstor Backup – A cloud backup solution which can be set up to silently keep your data safe. This is key to any disaster recovery plan.
Contact Brigantia to be put in touch with your local Brigantia Partner who will be able to guide you through what is required and help you on your journey to cyber-hardening. Email firstname.lastname@example.org or call 020 3358 0090 for more details.