Nine out of ten cyber security decision makers in companies with 250+ employees stay awake at night worrying about their organisational security.
According to a survey by CSI Ltd, their main concerns are a lack of cyber security skills (30%), limited resources within the IT team (29%), old IT infrastructure (27%) and the risk of third party suppliers leaving them vulnerable to a cyber-attack (25%).
Three quarters (78%) believe the cost-of-living crisis increases the risk of a cyber attack.
Leyton Jefferies, Head of Cyber Security Services at CSI Ltd, said: “The cost-of-living crisis is very attractive for threat actors looking to prey on victims who may be more vulnerable than normal. Criminal opportunists understand that resources are increasingly being squeezed and constrained and employees may be less diligent about clicking on links. Unfortunately, it presents the perfect landscape for them to thrive.”
CSI recommends the following security controls alongside an employee education programme:
- Immutable backup and disaster recovery. Organisations should regularly perform immutable backups and be able to deploy to production servers immediately in case of a ransomware attack or other data loss.
- Endpoint detection and response (EDR). Install antivirus solutions to protect endpoints against malware, viruses and other attacks.
- Managed detection and response (MDR). Using a cybersecurity service that combines technology and human expertise will provide more effective threat hunting, monitoring and response. The main benefit of MDR is that it helps identify and limit the impact of threats without the need for additional staffing.
- Security Orchestration, Automation and Response (SOAR). This streamlines security operations in three key areas: threat and vulnerability management, incident response and security operations automation.
- Patch management. Consistently implement patches and updates.
- Multi Factor Authentication. Use MFA to verify a user’s identity before allowing access.
Be First to Comment