848 NEWS: FEB 2021
Do I need a security review? How understanding your security posture helps you make smarter choices
By Abbie Rodger
With cyber attacks on the rise, it’s important to have a robust security strategy. A security review can provide you with a deeper understanding of your level of risk and protection so you can make better security choices.
The threat landscape has evolved drastically in recent years. Rapid advancements in technology and digital transformations have seen cyber attacks increase in both frequency and sophistication.
The way cyber criminals operate is largely influenced by external events and factors, such as societal shifts or changes. Covid-19, has more than just influenced cyber crime; it has provided criminals with a whole new world of opportunities to attack.
Malware, phishing scams, trojans, viruses. All have spiked as a result of the pandemic. Reports state that ransomware style attacks in particular saw a staggering 715% YOY increase in 2020.
Covid and the impact on cyber crime
Many agree that the key elements driving attacks and the success rate of breaches are the sudden shift to remote and blended working, and the heightened reliance on digital connectivity. These changes have created a wealth of security gaps and gateways for cyber criminals to access organisations’ critical infrastructure.
This means your processes, data, and other sensitive assets are more likely to be targeted than ever before and are at a higher risk of falling into the wrong hands.
Can you afford a cyber attack?
The real concern is the consequences of cyber crime. A data breach or successful attack can cause your business significant reputational damage and financial losses. According to Gartner, the average cost of a ransomware attack on a mid-sized business is a whopping £130,000, whilst negative press and harm to your brand reputation can take years for you to recover from.
A breach and the way it is handled can also land you in hot water under GDPR and data protection laws if you do not follow the stringent rules in reporting and responding to an attack. Your business has only a small window of time (just 72 hours) to investigate and report a breach. Failure to comply can mean you face hefty fines of up to £1.75 million, or 4% of your global annual turnover.
This is why it’s vital that you have a robust cyber security strategy to defend your business and protect you from the consequences of cybercrime. However, before you can implement a robust strategy that provides you with the defence levels you need, you must understand the state of security in your business.
How can a security review help?
A security review, otherwise known as a security assessment or vulnerability assessment, enables you to make smarter choices when it comes to your cyber security.
It does this by providing you with an evaluation of your security landscape, to help you understand and identify your risks, security weak spots, and level of protection or defence against threats. Understanding equips you with the information you need to implement security measures and controls that are appropriate for your organisation.
This prevents you from wasting large amounts of time, money and other resources implementing measures for threats that pose little to no risk to your organisation. It also means you don’t miss or overlook potential security gaps, and helps you roll out a security strategy that truly protects your business.
What does a security review involve?
An effective security review is underpinned by a stringent process to gain a clear analysis of your chosen environments, whether they are cloud or hybrid. It should be done in clearly defined stages, with distinct objectives.
A security review from 848 is delivered by our dedicated cloud and security specialists utilising our proven Plan, Build, Run methodology, to ensures a thorough process. We take a deep evaluation of your infrastructure, assessing it’s current level of protection against industry best-practise and controls, including those outlined by Microsoft and the Centre of Internet Security (CIS).
We then identify any risks and weakness and their potential implications and present our findings back to our customers complete with a full security report. Our experts then provide recommendations and actions to mitigate risks, minimise vulnerabilities, and enable a more robust security posture, that provides greater protection against the cyber crime.
We can provide reliable security reviews and assessments for a range of environments, from hybrid platforms to your workspaces running in Azure.