Written by Nathan Sheppard, Senior Support Analyst – 26th September 2017
This year we have seen three major malware attacks that affected businesses globally – WannaCry, Petya and Locky. The global cyber security business KSN Data reported that they detected 342,566,061 malicious attacks worldwide in the second quarter of 2017. With the General Data Protection Regulation GDPR coming in to force on 25th May 2018, there is no better time to improve your cyber security strategy and prepare for GDPR compliance than now…
Improving your Cyber Security Strategy framework
The Cyber Essentials Scheme
The Cyber Essentials certifications were designed by the UK Government to help businesses protect themselves from the growing risk of cyber attacks. There are two types of certification, Cyber Essentials standard which is self-certified and the Cyber Essentials Plus that is more comprehensive than the standard and awarded by an accredited assessor. The sections covered in the Cyber Essentials Plus criteria, provide a good framework to improve your business approach to cyber security. Find out more about Cyber Essentials here.
Whilst Cyber Essentials Plus covers the main topics, the ISO 27001 standard goes one step further. Achieving ISO 27001 compliance, confirms your business is following information security best practice, and also ensures that your data is adequately protected in line with the GDPR. The compliance requirements of IS027001 gives you a solid foundation to evolve and effectively manage your cyber security strategy. Read more here.
What tools and components should underpin a cyber security strategy?
No matter how solid a cyber security is, the selection of specialist tools and components that underpin it require careful consideration.
Products such as Sophos Intercept X, WatchGuard and Microsoft’s Enterprise Mobility + Security platform offer a high level of cyber security protection as well as some of the most advanced and affordable technology on the market.
We explore these three products in brief below:
WatchGuard Unified Threat Management
With three subscription options on offer and hardware to suit the needs of all business sizes, WatchGuard firewalls are one of the best on the market and offer a complete Unified Threat Management system. The flexible subscriptions enable businesses to pick and choose the applications required to tailor the performance output. However, as certified WatchGuard partners, we recommend all our clients sign up for the ‘Total Security’ subscription that offers the top level of protection rather than the others on offer. Find out more about the WatchGuard product range here.
Sophos – Intercept X
Sophos Intercept X is a next-generation endpoint detection and response platform that is designed to stop malicious threats and exploits, including zero-day and ransomware attacks. The innovative root-cause analysis functionality enables you to identify the sources of intercepted attacks and provides an interactive visual guide that shows where the attack gained entry, what was affected, and where the attack stopped. Our clients find this feature incredibly useful.
Microsoft Enterprise Mobility + Security (EMS)
Device management should also form a large part of your business cyber security strategy. Microsoft’s Enterprise Mobility + Security platform makes it much easier to manage device security across desktops, laptops, mobiles and tablets. Find out more about Microsoft Enterprise Mobility here.
Here is a great video from Microsoft showing how Microsoft Enterprise Mobility + Security can protect your business.
Which product is best suited to my business needs?
Each of the above products offer slightly different features suited to specific business needs. Whilst in an ideal scenario, to ensure the highest level of cyber protection is achieved we would recommend all four products are used in collaboration.
If you’re interested in finding out more about WatchGuard firewalls, Sophos Intercept X or Microsoft Enterprise Mobility Suite please get in touch and one of our IT Security Specialists will be happy to help you.
If you found this blog useful and are interested about the other forms of prevalent cyber attacks you may wish to read these related articles – ‘Why is the FA restricting use of public wi-fi hotspots?’ and ‘Doppelganger domains – How are businesses are being targeted’