IT Solutions
Depend on us to get your organisation to the next level.
Sectors
BCN have a heritage of delivering outcomes through our cloud-first services and currently support over 1200 customers across specialist sectors.
About Us
Your tech partner
June 2024
That was the stark warning from our CTO, Mark Rotheram, during our recent cyber security webinar; ‘Break Through Your Security Baseline.’
Both Mark and our Head of Compliance, Simon Edwards, took the audience through an update on the UK’s current security posture and how businesses can improve their security baseline to handle the new threats.
Here’s a summary of the key themes.
As of mid-2024, only 13% of organisations have a security posture resilient enough to see off the current wave of targeted attacks.
The trend is worsening – but not as a result of a lack of investment. Instead the threats are more prevalent, quicker and more efficient.
The relentless nature of security messaging can lead business to believe that they’re up to date and can take a breath, but as the statistics show, very few remain properly protected.
There are groups of individuals across the globe whose sole intent is to harvest information. They don’t use the data to hack, or extort businesses themselves, instead, they want to find out everything they can about companies’ IT infrastructure to sell to hackers on the dark web.
The effect is a supply chain of malicious operators taking whatever steps they can to access your critical information.
Previously, attacks would be manually crafted – hackers developing malware, or sending phishing emails. But now, cyber criminals are getting help from AI.
As a result, they’re able to target more companies, use AI to access more data, and leave even more companies vulnerable.
All businesses should know their cyber security baseline – the level at which they are currently protected.
Once this is known, work to maintain and improve the baseline should be based on risk appetite, and available security budget.
There are four areas to consider with your security baseline:
Level 1. Patching systems. If you are ensuring that your legacy systems are patched, you have the level 1 baseline covered.
Level 2. Securing your systems. If you have systems that you’ve consciously secured, you’ve applied policies and have a level of security embedded across your infrastructure, that’s level 2.
Level 3. The human element. Level 3 covers the people who have access to your systems. Do you have plans in place to keep your people trained and up to date with your security measures? Do you have the ‘human’ risk adequately covered?
Level 4. Fending off zero day hacks. Level 4 means having the capability to fend off attacks as they happen, with the right security protections and automation.
Ideally, every organisation should work towards a baseline at around Level 3 – in other words, have enough protections in place that a cyber attack can be stopped in its tracks, but also that if they’re looking for easy targets, the cyber attackers will pass your business by.
Investing in defence mechanisms to detect and mediate cyber attacks is critical. Though 100% protection is near impossible due to the changing nature of attacks, a good base level is Cyber Essentials – a bundle of technical security controls and awareness training that are relatively easy to implement and can protect against around 80% of common online threats.
BCN’s cyber security pledge aims to help businesses safeguard against the latest cyber threats with best-in-class solutions tailored to your needs. If you want to improve your security baseline, take a look at our cyber security services.
