11th June 2018
Switch2IT follows best practice Cybersecurity to Protect Clients
On going Cybersecurity Audits Protect our Clients
New research conducted by Citrix – a US multinational company that provides software as a service and cloud computing technologies – shows that UK businesses often overlook the supply chain as far as their IT security strategy is concerned. And, despite confidence in their own organisations’ cybersecurity standards, this negligence could cause problems when cyber criminals use suppliers as a stepping stone to reach their target business.
The Switch2IT team agrees with Chris Mayers, Citrix’s chief security architect, who says:
"Recent cyber-attacks demonstrate that the supply chain can be the weakest link for a significant number of organisations. For example, the 'NotPetya' campaign began with an extremely effective supply chain attack, which had disastrous consequences for Ukraine's national bank, airport and government department - proceeding to infect machines in a staggering 64 countries. It is therefore vital that businesses conduct the necessary due diligence when integrating a new provider into their supply chain".
In a survey of 750 respondents Citrix uncovered the following results:
Company steps towards cybersecurity audits for new suppliers
- Just 35% considered IT security audits performed at the instatement of new suppliers “very comprehensive”
- Around one in 10 revealed that these checks involve only a few questions at the time of pitching with no follow-up
- 20% said they do not bother to communicate with suppliers when a test of their cybersecurity recovery process is carried out
Company preparation for, and exposure, to cybersecurity breaches
- 49% revealed confidence in their organisation’s preparation against a distributed denial of service (DDoS) or application layer attack
- Over 50% revealed confidence in their organisation’s preparation against ransomware
- 64% revealed confidence in their organisation’s preparation against phishing scams
- 72% revealed confidence in their organisation’s preparation against malware
- Almost 50% said their business had fallen victim to a data breach in the last three months
- 11% admitted they had suffered a data breach in the last week
How Switch2IT diminishes cybersecurity risks associated with the supply chain
Switch2IT Director and Information Security Architect Daniel Piggott says:
“In terms of where we start when helping a new client to improve their IT security and supply chain, we benchmark them against Cyber Essentials’ standards and add to that our own experiences to see if they are a good fit for us.
“We have always taken the cybersecurity of all our clients seriously so we would never work with someone who could put the stability of this at risk and now, with the onset of the new GDPR, there’s even more incentive for businesses to do their best – which can only be a good thing.”
Cyber Essentials, the UK Government's National Cyber Security Strategy, aims to keep UK businesses safe. Part of this is that, as of October 2014, all suppliers bidding for government contracts that handle sensitive information must be Cyber Essentials compliant.
The scheme identifies some essential IT security controls that an organisation must have in place to help defend against cyber-attacks. CREST, an approved accreditation body under the UK Government Cyber Essentials scheme whose role is to create and maintain high standards within the cyber security sector and to drive a consistency of quality across its member organisations to offer assurance to the buying community, has developed an assessment framework to support this venture which forms a deliverable strategy that focuses on five key areas:
- Secure configuration
- Boundary firewalls and internet gateways
- Access control and administrative privilege management
- Patch management
- Malware protection
As well as having a proven track-record with our excellent IT managed service contracts, Switch2IT has been Cyber Essentials certified since 2015, so we only judge others by our own high standards. We believe that our – as well as our clients and their clients – having confidence to address cyber security effectively and mitigate the risk from internet-borne threats is the way forward for UK businesses.
If you are looking for a Cyber Essentials accredited partner to provide complete IT solutions and technical support services to your business – and you also take Cyber Essentials’ standards seriously as part of your own business practice – please contact us today.
13th October 2018
Are you Getting the Best from Technology in the Workplace?
Did you know, the average person touches their mobile phone more than 2000 times a day? Yikes, and we wonder why workers are not getting those tasks done! How productive are UK businesses really? While some believe that the digital revolution is in its infancy and others feel that productivity is not yet being measured as it should, there is a cam...Read More >
28th September 2018
How to Choose IT Support to Suit Your Business
How to Choose IT Support to Suit Your Business Despite IT infrastructure being instrumental to the everyday running of most UK businesses, the appointment of reliable and dedicated technical support is still not a priority for many SMEs. One possible reason is that they are relying on the advancement of technology to pick up the slack. But, as t...Read More >
29th August 2018
How can a VPN Increase IT Security and Business Productivity?
VPN for Better IT Security and Business Productivity At the end of the day, a business cannot run efficiently without an excellent cyber security strategy in place. Any risk of malware, hacks, phishing scams and data breaches puts your business on shaky ground and if you can avoid these pitfalls then your future will be brighter. The Switch2IT te...Read More >
31st July 2018
The Intelligence Network: Big Boys Collaborate to Tackle Cybercrime
Big Boys Pull Together to Tackle Cybercrime It seems that businesses are, at long last, going to be more accountable for cybercrime. We are happy to hear that the likes of BAE Systems and Vodafone are finally on the same page with an aim for more transparency and collaboration when it comes to cyber security. With the growth in the amount and seve...Read More >