Archive for October, 2023

The importance of cyber resilience

At our recent Cyber Resilience event, we emphasised the famous boxing quote, “everyone has a plan until you are punched in the face,” highlighting the importance of readiness in dealing with cyber incidents.

In the same way athletes train and prepare for major sporting events, organisations need to be ready for their own “big event” in the form of a cyber incident. Achieving true cyber resilience requires a cohesive team and strategy to tackle the challenges posed by skilled adversaries, going beyond the notion of “letting IT deal with it.” This involves being prepared for the technical, organisational, and psychological aspects of incidents like ransomware attacks or data theft.

With the increasing reliance on technology, cyber-attacks have become all too common in today’s world, making it crucial for organisations to assess the impact of such incidents and determine how to contain the threat and expel the intruder from their networks. To ensure effective response capabilities, organisations must invest in resources and skills. This involves creating a comprehensive recovery plan based on best practices, employing the right personnel, and establishing fail-safe processes that can function even when key participants are unavailable. It’s important to understand that cyber resilience is not solely reliant on technological solutions – it requires a holistic approach encompassing people, processes, and technology.

However, being prepared is just the first step. To validate the effectiveness of your cyber resilience strategy, it is vital to have an intimate understanding of your business, its critical components, and how to restore them in the aftermath of an attack. To achieve this level of understanding, it is recommended to regularly and rigorously test your recovery plan. This testing helps to identify any gaps in the plan and ensure a smoother recovery process.

One highly effective method for enhancing the necessary skills and capabilities to achieve resilience is by conducting a cyber tabletop exercise. A cyber tabletop exercise is a simulated scenario that enables organisations to test and evaluate their preparedness and response capabilities in the event of a cyber incident or breach. It serves as a training tool for key stakeholders involved in managing and responding to cybersecurity incidents, including IT staff, executives, legal teams, and public relations representatives. The exercise takes place in a conference room or virtual environment and is based on realistic threats or previous incidents to provide a relevant and meaningful experience for the participating organisation.

During the exercise, participants assume specific roles and responsibilities, such as incident responders, incident commanders, legal advisors or media relations representatives. They are presented with a simulated event that unfolds gradually, and they must collaborate, make decisions, and take appropriate actions to respond to the evolving situation and adapt to new challenges that arise in a fast-moving environment.

The tabletop exercise serves several purposes:

  1. Testing response plans: By simulating real-world scenarios, organisations can identify gaps, weaknesses, and areas for improvement in their response strategies.
  2. Enhancing communication and coordination: The exercise promotes communication and coordination among different teams and stakeholders involved in incident response. It enables participants to understand each other’s roles, responsibilities, and decision-making processes, fostering better collaboration and coordination during a real incident.
  3. Identifying strengths and weaknesses: Through the exercise, organisations can identify their strengths, areas of expertise, vulnerabilities, and limitations in their incident response capabilities. This knowledge allows them to prioritise investments in training, external resources, and improvements to enhance their overall cybersecurity posture.
  4. Practicing decision-making: The exercise provides a safe environment for participants to practice making critical decisions under pressure. They can explore different response strategies, evaluate the potential consequences of their actions, and learn from their mistakes without real-world repercussions. It is better to fail during the exercise than in a real incident.
  5. Building familiarity with procedures: Tabletop exercises help participants become familiar with the incident response procedures, protocols, and tools that would be utilised during an actual cyber incident. This familiarity improves efficiency and effectiveness during a real incident, as responders are better prepared and more confident in their actions. It also helps external resources understand the organisation’s procedures and be better prepared to assist in an incident. This process strengthens the organisation’s cybersecurity posture and preparedness to handle real-world cyber threats.

Being aware of the latest cyber threats is a fundamental aspect of a good cyber resilience strategy. Understanding these threats enables organisations to better predict, detect, and respond to them. Conducting a tabletop exercise to test the ability to respond is critical for maintaining a high standard of cyber hygiene and informing the cybersecurity strategy.

A mature cybersecurity strategy that encompasses all aspects of threat identification, impact mitigation, and service recovery is essential. The current landscape in most organisations is characterised by technical dependency, and the rise of hybrid working models has blurred the boundaries of an organisation’s perimeter, making it harder to secure. The days of heavily investing in preventive security measures with the aim of blocking threat actors are no longer sufficient.

A paradigm shift is occurring in cybersecurity, with organisations embracing strategies such as “zero trust” that prioritise resiliency in the face of inevitable incidents. This shift necessitates partnering with strong cybersecurity providers who have the necessary technologies and knowledge to prevent or mitigate incidents while also understanding the organisation’s business context.

Ultimately, cyber resilience must be an integral aspect of a contemporary business strategy. With the increasing threats and sophistication of cyber-attacks, understanding your business’s assets, how technology supports business objectives, managing technology risk, focusing on recovery, and staying abreast of the latest threats are non-negotiable aspects.

Furthermore, it is essential to remember that a cyber resilience strategy is only as strong as its weakest link. Regular testing and investment in resources are paramount to ensure that your organisation remains strong in the face of cyber threats.

Breaking Cloud Barriers: CMA launches market investigation into cloud services

Following a referral from Ofcom, The Competition and Markets Authority (CMA) has launched an independent market investigation into concerns around competition across cloud service providers.

Specifically, AWS and Azure have a combined market share of approximately 80% of the £7.5 billion UK market, based on the 2022 numbers.  The main areas of concern are:

  • Egress fees: charges levied on customers to transfer their own data out of these cloud services, and between other cloud providers.
  • Technical barriers: lack of interoperability and therefore portability, requiring significant developments and reconfiguration to move applications between cloud providers and on-prem infrastructures.
  • Discounts: incentives structured in a way to attract new customers and strengthen vendor lock in.

The above make it difficult, unattractive, and in some cases financially prohibitive for customers to freely move between cloud providers and on-premise infrastructures.

OSG Cloud has been designed both technically and commercially to address these anti-competitive practices.

  • Simple, open and transparent pricing.  No complex consumption billing models based on variables that are impossible to accurately predict and plan for.  All inclusive pricing with no hidden egress charges; customers are free to move their data whenever and to wherever they want.
  • Built on VMWare Cloud Foundation (VCF) provides a consistent and standardised infrastructure and configuration across hyperscale cloud service providers, as well as specialist and local cloud providers, and on-premise infrastructures.  Zero technical barriers to move, with no reconfiguration or development of applications required.  Maximum flexibility and portability.

At Outsource Group, we believe that you should always chose the most appropriate cloud or infrastructure for your applications.  That decision should always be based on the technical and business requirements.  Once the requirements have been satisfied, then buying smart and maximising budgets is critical; not the other way around.  We’re not interested in locking customers in.  Instead by providing the right technical solution with simple and transparent pricing, customers chose to stay with us because they want to, not because the ‘feel’ they have to.

https://www.gov.uk/government/news/cma-launches-market-investigation-into-cloud-services

Phishing Attacks: An Escalating Threat to Businesses

Every day, there are 65,000 attempts to hack SMEs and among these, phishing attacks has emerged as the predominant method employed by malicious actors to illicitly obtain data, information, or funds.

 Understanding Phishing

Phishing refers to deceptive tactics where perpetrators employ various platforms (such as emails, mobile messages, social media, phone calls, and texts) to mislead individuals into performing certain actions. These actions could be as simple as clicking a link, but they can lead to significant security breaches, allowing the attacker unauthorised access, theft of data, or even holding a company at ransom.

 Strategies to Enhance Cybersecurity

To bolster defences against such intrusions, businesses can adopt several proactive measures:

  1. Training: Engage in continuous staff training and security awareness programs. This can be done in-house or via trusted IT partners, with the inclusion of regular simulated phishing tests.
  2. Anti-Virus Software: Ensure the use of reliable and frequently updated Anti-Virus solutions.
  3. Firewalls: Deploy both Desktop and Network Firewalls that are expertly set up and maintained.
  4. Browser Security: Always update browsers to incorporate the latest security patches, sealing any potential vulnerabilities.
  5. Pop-Ups: Always scrutinise pop-ups, even those that appear genuine.
  6. Site Security: Before interacting with a site, confirm its security credentials.
  7. Personal Information: Limit the amount of personal data shared online.
  8. Passwords: Adhere to robust password protocols, emphasising complexity and using combinations of random words.
  9. MFA (Multi-Factor Authentication): This should be a fundamental security provision.
  10. Think Before Clicking: If a message urges immediate action, pause and reflect. Feeling rushed often indicates potential deceit.

Remember, human error is inevitable. While these strategies offer substantial protection, it’s crucial to anticipate potential breaches. Thus, having a predefined response plan is indispensable. This ensures that in the event of a breach, appropriate actions are executed promptly, minimising further risks and disruptions.

To find out more about ways you can assess your vulnerabilities and improve your cyber security readiness email info@osgroup.co.uk 

Find out how we...
can help you

Get in Touch