Cyber Security

‘Around 65,000 attempts to hack small to medium sized businesses (SMBs) occur in the UK every day, around 4,500 of which are successful’

What are today’s risks?

*According to PwC’s global state of information security survey, employees were responsible for 27% of all cyber security incidents.

Insider Threat:

  • Employees are one of the biggest threats to your business
  • Lack of knowledge or confidence in what to look for, can leave your business vulnerable
  • Investing in cyber security training is critical to reducing cyber-attacks and it can potentially reduce the cost of your cyber insurance premiums

Phishing:

  • Phishing is a method of trying to trick people into divulging sensitive or confidential information, often via email
  • Email’s are becoming far more authentic in appearance and are not always easy to distinguish from genuine messages
  • These scams can inflict enormous damage on organisations by installing malware, such as Ransomware.

Ransomware:

  • An ever growing threat with their primary goal to cause as much disruption as possible often in the search for a financial reward
  • Ransomware uses encryption to lock files and render them useless without obtaining a key to unlock them
  • Attackers make the key available once a ransom has been paid, but in most cases this does not come to fruition.

Poor Practice:

  • Businesses often neglect software patching or upgrading non-supported operating systems, like Windows 7 or Server 2008R2
  • Lack of regular patching.

How can we help?

Well, here are 5 security tips.

User Awareness Training

Investing in your employees by providing cyber security training will help reduce cyber-attacks, by enforcing best practices.

Establish cyber security inductions for new starters and run quarterly refresher courses.

Deploy attack simulation training to your staff and monitor their performance in the face of malicious attacks. Obtain detailed reporting to show improved cyber awareness and ROI.

Add layers of security

Keep your software up-to-date and ensure that you turn on automatic system updates for your device.

Ensure anti-virus software is deployed to all computers and ensure definitions are regularly kept up-to-date.

Deploy firewalls to protect your network and data from unwanted access.

A firewall is important when defending your data against malicious attacks, and helps screen out hackers, viruses, and other malicious activity that occurs over the Internet.

Check your backups

If you are hit with a cyber-attack, can you rely upon your backups to restore lost or compromised data?

A reliable backup is critical to help you recover from a cyber security breach.

Best practices dictate that you should follow a 3-2-1 backup rule. This means keeping 3 copies of your data on 2 different types of media (or provider) and 1 copy in an off-site location

Enforce mobile security

Now more than ever, data is being stored on non-business mobile devices.

According to Sophos Labs, mobile devices are being targeted by more than 1.5 million new incidents of malware.

Encourage employees to set a PIN or passcode, use mobile device management tools to help locate and manage lost or stolen devices, and keep any devices used for work purposes clean.

2 Factor Auth

Often, people will use the same password across personal and work accounts, which makes it easier for cyber criminals to obtain access to your data.

Implement Two-Factor authentication to eliminate this single point of failure.

As the name suggests, Two-factor authentication prompts users to enter their password as well as one additional authentication method such as a Personal Identification Code, another password or even a fingerprint.

Security Awareness Training

In 2021, after analysing 6.6 million users, the benchmark figure for phishing attacks was 31.4%. This means that almost a third of the average workforce were unable to determine if a threat was genuine or not. 3-months after introducing security awareness training, this figure dropped to 16.4% and after 12-months, it was down to just 4.8%.

AVG 31.4% – Baseline
AVG 16.4% – After 3-Months
AVG 4.8% – After 12 Months

27% of all cyber attacks start because of poor using knowledge of threats and associated risks.

Investing in proven cyber security awareness training for your staff is one of if not the best way to ensure your business reduces it’s risk to cyber threats.

Our security awareness training programme continuously phishes your employees with thousands of templates.

Training programmes can then be deployed to improve awareness, but don’t fret, this isn’t your mundane death by PowerPoint oh no, it consists of engaging interactive modules, videos, games and newsletters.

Finally, you can see the results for yourself with reporting of both training and attack simulations.

Cyber Essentials

Cyber Essentials is a UK government backed scheme, designed to provide businesses with a way of demonstrating that they have thought about and implemented applicable security controls. Within the scheme, there are five key security controls which if implemented correctly, can protect organizations against 80% of common cyber attacks.

Cyber Essentials covers 5 key areas of your infrastructure to ensure you have controls in place to mitigate risks.

Steps to become certified.

“Evorio were professional from the outset. We met with several other suppliers and none gave us the feeling of confidence that Evorio did.”

Andrew Smith

Operations Manager, Florigo

We can help.

Fill in the form
Give us a ring on 01256 704518
Email us on contact@evorio.co.uk

“I would not hesitate to recommend their services to any other potential clients.”

Paul Chambers
Director, Airwave Europe