11th June 2018
Switch2IT follows best practice Cybersecurity to Protect Clients

On going Cybersecurity Audits Protect our Clients

New research conducted by Citrix – a US multinational company that provides software as a service and cloud computing technologies – shows that UK businesses often overlook the supply chain as far as their IT security strategy is concerned. And, despite confidence in their own organisations’ cybersecurity standards, this negligence could cause problems when cyber criminals use suppliers as a stepping stone to reach their target business.

The Switch2IT team agrees with Chris Mayers, Citrix’s chief security architect, who says:

"Recent cyber-attacks demonstrate that the supply chain can be the weakest link for a significant number of organisations. For example, the 'NotPetya' campaign began with an extremely effective supply chain attack, which had disastrous consequences for Ukraine's national bank, airport and government department - proceeding to infect machines in a staggering 64 countries. It is therefore vital that businesses conduct the necessary due diligence when integrating a new provider into their supply chain".

In a survey of 750 respondents Citrix uncovered the following results:

Company steps towards cybersecurity audits for new suppliers

  • Just 35% considered IT security audits performed at the instatement of new suppliers “very comprehensive”
  •  Around one in 10 revealed that these checks involve only a few questions at the time of pitching with no follow-up
  •  20% said they do not bother to communicate with suppliers when a test of their cybersecurity recovery process is carried out

 Company preparation for, and exposure, to cybersecurity breaches

  •  49% revealed confidence in their organisation’s preparation against a distributed denial of service (DDoS) or application layer attack
  •  Over 50% revealed confidence in their organisation’s preparation against ransomware
  •  64% revealed confidence in their organisation’s preparation against phishing scams
  •  72% revealed confidence in their organisation’s preparation against malware
  •  Almost 50% said their business had fallen victim to a data breach in the last three months
  •  11% admitted they had suffered a data breach in the last week

How Switch2IT diminishes cybersecurity risks associated with the supply chain

Switch2IT Director and Information Security Architect Daniel Piggott says:

“In terms of where we start when helping a new client to improve their IT security and supply chain, we benchmark them against Cyber Essentials’ standards and add to that our own experiences to see if they are a good fit for us.

“We have always taken the cybersecurity of all our clients seriously so we would never work with someone who could put the stability of this at risk and now, with the onset of the new GDPR, there’s even more incentive for businesses to do their best – which can only be a good thing.”

Cyber Essentials, the UK Government's National Cyber Security Strategy, aims to keep UK businesses safe. Part of this is that, as of October 2014, all suppliers bidding for government contracts that handle sensitive information must be Cyber Essentials compliant.

The scheme identifies some essential IT security controls that an organisation must have in place to help defend against cyber-attacks. CREST, an approved accreditation body under the UK Government Cyber Essentials scheme whose role is to create and maintain high standards within the cyber security sector and to drive a consistency of quality across its member organisations to offer assurance to the buying community, has developed an assessment framework to support this venture which forms a deliverable strategy that focuses on five key areas:

  • Secure configuration
  • Boundary firewalls and internet gateways
  • Access control and administrative privilege management
  • Patch management
  • Malware protection

As well as having a proven track-record with our excellent IT managed service contracts, Switch2IT has been Cyber Essentials certified since 2015, so we only judge others by our own high standards. We believe that our – as well as our clients and their clients – having confidence to address cyber security effectively and mitigate the risk from internet-borne threats is the way forward for UK businesses.  

If you are looking for a Cyber Essentials accredited partner to provide complete IT solutions and technical support services to your business – and you also take Cyber Essentials’ standards seriously as part of your own business practice – please  contact us  today.

Latest News

29th May 2019
Why crypto currency is less of a cyber security risk than you think

Bitcoin or Bust? In Defence of Crypto Currency The rise of bitcoin has certainly put the cat amongst the pigeons in the world of finance (and cyber security). Once mocked as a flash in the pan, crypto currency is now a major player in the money markets, with “blockchain” the new word on everyone’s lips. Unsurprisingly, certain ...

Read More >
30th April 2019
Do you know your AI from your Automation?

Do you know your AI from your Automation? In these nervous times, few terms have gained more traction than “Artificial Intelligence”. Often misunderstood, automation has come a long way from the realms of science fiction stories, embedding itself into our everyday lives and alleviating the burden of many mundane tasks at work. Did you...

Read More >
29th March 2019
It is time to get tough with the big boys over data privacy

It’s time to get tough with the “big boys” over data privacy You know the feeling. You have just installed or upgraded a piece of software and the first thing you are met with is a long, tedious “privacy agreement.” Does anyone have the time or inclination to sit and read every line of this sleep-inducing tome? Not us...

Read More >
20th February 2019
Are tech giants doing enough to serve their communities?

Are Tech Giants Doing Enough to Serve Communities They’ve Transformed? It is one of the great debates of our times. To what extent should giant tech companies take the ethical lead and fulfil their tax paying obligations? Indeed, the Switch2IT team has been quick to call out the “big boys” on a range of issues where they have not...

Read More >