When it comes to the safety of your business’s IT infrastructure, there should be no expense spared, especially if your business relies heavily upon it. Cyber security breaches can be detrimental to business, but the risks become significantly lower if you have a secure and efficient security system in place.
At Flyford Connect, we provide our clients with top-of-the-line anti-virus and anti-spam, as well as data encryption and backup and disaster recovery. We protect our clients’ data by using a multi-layered approach, where we use multiple security software products to best keep their systems safe.
When businesses do not have suitable cyber security, they put themselves at risk of having their data stolen. Cyber security breaches are a serious threat to all businesses, no matter the profession or size.
There are several risks associated with data breaches, whether they are personal or professional. Some of the most common consequences of personal data breaches include identity theft, discrimination and reputational damage to the people whose data has been breached. For companies, data breaches that result in the leak of customers’ sensitive information can be extremely damaging, and consequences such as diminished reputation and loss of customer trust can be observed. After all, your customers share their sensitive information with businesses like yours assuming that you have the proper security measures in place to protect their data.
Not every business has the perfect cyber security in place, not even some of the biggest and most well-known (such as Facebook and Google, who have both had severe leaks within the past 5 years). When large cyber security breaches happen, and accounts or information is compromised, it puts into perspective how difficult it is for companies to keep their user’s data secure without the right security measures in place.
It should be remembered, however, that data breaches aren’t only caused by cyber security failure. There are many reasons that a data breach may occur, including malware, theft of physical property (such as work laptops, storage devices and mobile phones), or even employees not following their company’s policies when it comes to data.
A blog by IT Governance highlights the most common ways that data breaches occur, including unauthorised use of data, which accounts for 8%, and human error, which makes up around 22% of data breaches. For example, the latter happened at the 2019 New Year’s Honours, in which 1,097 unredacted addresses of people receiving New Year honours for 2020 (including Sir Elton John, cricketer Ben Stokes and chef Ainsley Harriott) were leaked and accessible for two and a half hours and accessed 3,872 times.
In the UK, data breaches cost less than the global average, but security budgets are also smaller. Due to this, the vast majority of companies in the country have suffered some form of a data breach incident, and it is usually by phishing. Among all of the companies that have been breached in the past few years, small businesses are reportedly the ones that are most at risk of a cyber-attack.
For example, one small business in the UK is successfully hacked every 19 seconds, according to Hiscox. This is the equivalent of 4,500 small-to-medium-sized businesses being successfully hacked every single day out of an estimated 65,000 daily attempts. When that number is scaled up to give a yearly figure, it equates to around 1.6 million of the 5.6 SMEs in the UK being hacked successfully annually. (CSO Online)
When it is taken into consideration that most data breaches in the UK are made possible through phishing, it should come as no surprise that nearly 55% of all UK emails sent are spam, with one in every 3,722 emails sent in the UK being a phishing attempt. As there are roughly 90 trillion emails sent in the UK annually, which boils down to around 247 billion emails sent every single day. With that many emails being sent daily, there is no doubting that the number of phishing attempts is extremely high, and therefore the number of phishing victims is high too.
According to Cyber Security Breaches Survey 2021, in 2021 alone, four in ten businesses (39%) reported having cyber security breaches within 12 months. This number is higher among medium businesses (65%) and large businesses (64%), which is in line with reports from previous years.
Fewer businesses in 2021 had identified breaches or attacks than in 2020 (when it was 46%), which may be a result of the pandemic, as there had been a reduction in trading activity from businesses, therefore some businesses may have temporarily become less detectable to attackers.
This doesn’t mean that the risk level is lower, however, as evidence suggests that businesses are finding it harder to administer security measures during the pandemic. For example, there has been a 5% reduction in businesses deploying security monitoring tools (35% as opposed to 40% in 2020) and there have been fewer businesses undertaking any form of user monitoring (32% vs 38% in 2020). This reduction may be indicative that businesses are simply less aware than before of the breaches and attacks their staff are facing.
Among the businesses that had identified breaches or attacks, around a quarter (27%) experience them at least once a week. The most common by far were phishing attacks, followed by impersonation (83% and 27% respectively), which are in line with the 2019 and 2020 results.
Among the 39% of businesses that identify breaches or attacks, one in five (21%) end up losing money, data or other assets. The proportions of businesses experiencing a negative impact in 2021 were significantly lower than in 2019 and the years before. This has nothing to do with a lower frequency of attacks (as there has been no notable change), but rather that more organisations are implementing basic cyber security measures following the introduction of the General Data Protection Regulation (GDPR) in 2016. It could also reflect other trends such as the rising use of cloud storage and backups.
On average, where businesses faced breaches with material outcomes, the cost of a cyber security breach is estimated to be around £8,460. For medium and large firms combined, the average cost is higher, at £13,400.
Having a secure and effective cyber security system is imperative to minimise the risk of your business falling victim to a data breach. As a company that has over a decade of experience in the IT sector, there are a few cyber security programs that we use and heavily recommend for you and your business to keep your infrastructure safe.
When we set up devices such as computers and laptops for our clients, we use a multi-layered approach in order to best protect their data. The programs we offer are tailored to our client’s needs, so if any product isn’t suitable for them, then they won’t have it. The following are cyber security programs that we offer our clients:
All of the products listed above are secure, efficient and affordable, which makes them the perfect cyber security solution for you and your business. Let’s explore what each of these has to offer.
This software combines threat protection, vulnerability management, access management, email security and anti-virus into a single platform.
Every single cyber security solution in the Heimdal suite is designed to seamlessly communicate with each other, as well as integrate with other security products that the user is utilising. This is how Heimdal Security managed to achieve the gold standard in cyber security today – unification. All of Heimdal’s solutions operate under one roof, known as the Heimdal Unified Dashboard.
As well as this, Heimdal’s products are not only trained to detect and respond to threats but to actively hunt them as well. This means that Heimdal can predict future threats with 96% accuracy, therefore adding prevention to your defensive layers.
BitLocker is a full volume encryption feature included with all Microsoft Windows versions, starting with Windows Vista. It can be used to effectively mitigate unauthorised data access on lost or stolen devices, as it encrypts all user and system files on the operating system drive, including swap files (a file that contains data retrieved from system memory or RAM) and hibernation files (basically the compressed contents of Windows memory from when the system “goes to sleep”).
As well as encrypting the system drive, BitLocker comes with an additional feature – BitLocker To Go. The function of this aspect of BitLocker, as the name suggests, is to encrypt removable devices such as memory sticks, USB thumb drives and external hard drives so that they are encrypted and protected “on the go”.
This software provides easy, comprehensive and affordable solutions for email protection, application and cloud security, network security and data protection. The company’s security products also include products for protection against email, web surfing, web hackers and instant messaging threats such as spam, spyware, trojans, and viruses.
The main use is for email protection, which Barracuda does incredibly efficiently by quarantining any potential spam emails, which then allows the user to choose whether or not they receive them.
When quarantined emails arrive in the user’s inbox, they will see them labelled as an email from “Barracuda Networks”. Upon opening the email, they are shown the sender of the email, the date and time it was received, and the subject line. They are then given three options:
- Deliver – This quarantined email will be delivered, but any future emails from the sender will continue to be quarantined.
- Allow List – This will send the quarantined email to the user’s primary inbox, and no future emails from this sender will be quarantined. Their email is then added to the Allow List.
- Block List – This email will not be delivered, and the user will no longer receive quarantine emails under the Barracuda Networks name for this sender. Any future emails from this sender will also not be delivered, and their email address will be added to the block list.
ThreatLocker is a low management, fast to deploy Application Whitelisting and Ringfencing solution that puts the user’s business in control over what software is running on their endpoints and servers.
While protecting against malware is an essential feature of this software, they also take storage control beyond just blocking USB hard drives. They give the user granular control over what happens on external storage devices, including network-attached storage, USB drives and even secondary hard drives directly connected to their computer.
In addition, their Ringfencing lets the user decide how they want apps to interact with their data, so if any program tries to encrypt data that it isn’t authorised to, it will be blocked.
Keeper is a management system that stores website passwords, sensitive documents, attachments and notes using encryption, two-factor authentication and zero-knowledge architecture (meaning that Keeper’s employees can’t access any of the data in user accounts).
This product is highly secure, easy to use and rich with features that enhance the user experience. It uses the standard 256-bit AES encryption to secure all user passwords and data, which is the same level of encryption as is used by banks and governments, and is therefore virtually unbreakable.
As well as being a digital vault that securely stores your passwords and confidential information, Keeper offers a wide range of multi-factor authentication (MFA) options – including biometrics such as Touch ID and Face ID authentication.
Keeper also offers extra security tools that include password security auditing, Dark Web monitoring, an encrypted messaging app and more. It can also generate strong passwords for you, and you can choose the length that you want it to be, whether that is 10 characters or 100. You also have the option to remove symbols from your password if you need to.
Having a secure and effective cyber security system is a must, and with the products listed in this blog, your system could be virtually impenetrable to hackers and predators. It is important, however, to have a detailed audit to ensure that you are getting the most suitable solution for you and your business. If you would like to learn more about how we can help to secure your business cyberinfrastructure, you can reach out to us to arrange an initial chat to discuss your business requirements and provide advice.
You can contact us through the following: