layer 1 layer 2 layer 3 layer 4 layer 5 abstract shapes

Break Through Your Security Baseline: A webinar by BCN

“Security never stops. Cyber-attacks are only increasing.”

That was the stark warning from our CTO, Mark Rotherham, during our recent cyber security webinar; ‘Break Through Your Security Baseline.’

Both Mark and our Head of Compliance, Simon Edwards, took the audience through an update on the UK’s current security posture and how businesses can improve their security baseline to handle the new threats.

Here’s a summary of the key themes.

Theme 1. The UK’s cyber posture

As of mid-2024, only 13% of organisations have a security posture resilient enough to see off the current wave of targeted attacks.

The trend is worsening – but not as a result of a lack of investment. Instead the threats are more prevalent, quicker and more efficient.

The relentless nature of security messaging can lead business to believe that they’re up to date and can take a breath, but as the statistics show, very few remain properly protected.

Theme 2. Your data is for sale

There are groups of individuals across the globe whose sole intent is to harvest information. They don’t use the data to hack, or extort businesses themselves, instead, they want to find out everything they can about companies’ IT infrastructure to sell to hackers on the dark web.

The effect is a supply chain of malicious operators taking whatever steps they can to access your critical information.

Theme 3. AI generated attacks

Previously, attacks would be manually crafted – hackers developing malware, or sending phishing emails. But now, cyber criminals are getting help from AI.

As a result, they’re able to target more companies, use AI to access more data, and leave even more companies vulnerable.

What is your security baseline?

All businesses should know their cyber security baseline – the level at which they are currently protected.

Once this is known, work to maintain and improve the baseline should be based on risk appetite, and available security budget.

There are four areas to consider with your security baseline:

Level 1. Patching systems. If you are ensuring that your legacy systems are patched, you have the level 1 baseline covered. 

Level 2. Securing your systems. If you have systems that you’ve consciously secured, you’ve applied policies and have a level of security embedded across your infrastructure, that’s level 2. 

Level 3. The human element. Level 3 covers the people who have access to your systems. Do you have plans in place to keep your people trained and up to date with your security measures? Do you have the ‘human’ risk adequately covered? 

Level 4. Fending off zero day hacks. Level 4 means having the capability to fend off attacks as they happen, with the right security protections and automation.

Where should your security baseline be?

Ideally, every organisation should work towards a baseline at around Level 3 – in other words, have enough protections in place that a cyber attack can be stopped in its tracks, but also that if they’re looking for easy targets, the cyber attackers will pass your business by. 

Investing in defence mechanisms to detect and mediate cyber attacks is critical. Though 100% protection is near impossible due to the changing nature of attacks, a good base level is Cyber Essentials – a bundle of technical security controls and awareness training that are relatively easy to implement and can protect against around 80% of common online threats.

Are you ready to take your baseline to the next level?

BCN’s cyber security pledge aims to help businesses safeguard against the latest cyber threats with best-in-class solutions tailored to your needs. If you want to improve your security baseline, take a look at our cyber security services

Watch the recording below

If you haven’t yet had a chance to catch the webinar, follow the link

Watch the webinar recording down down down