Over the past twelve months 39% of UK businesses have reported a cyber-attack of some kind.
Conducting regular cyber security audits of your IT systems and networks could be the key to increasing your organisational resilience. Strong auditing procedures can also reduce the threat to your organisation’s people and data from malicious actors as well as internal and external cyber security threats.
4 Current cyber security trends
1. Rising number of ransomware attacks
The number of ransomware attacks are on the increase. Big names such as Uber, IHG, and Rockstar Games have been targeted by malicious attacks. The hackers behind the IHG incident were blocked by the chain’s security measures from carrying out their intended ransomware attack. Instead, they switched to an attack designed to destroy data rather than hold it hostage. The individual behind both the attacks on Uber and Rockstar claimed to be interested solely in publicity.
Ransomware can be a serious issue for companies large and small. Last year global damages from ransomware totalled $20billion. Increased security measures and improving employee training around cybersecurity will help lessen the likelihood of successful attacks.
2. Stricter cyber security regulations
Governments and regulatory bodies are increasingly aware of issues surrounding cyber security risks and are making moves to protect individuals and businesses through stricter regulations and greater enforcement. In the UK, proposals include stricter duties and the imposition of heavy fines for companies providing digital, financial and essential services that fail to put in place effective security measures, along with increased incident reporting requirements and higher professional standards when it comes to qualifications and certifications in cyber security.
3. Increased adoption of multi-factor authentication
More and more businesses are adopting multi-factor authentication for both consumer–facing applications and internal systems. By adding another layer of security, organisations hope to prevent incidences like the recent attack on SeeSaw, a platform used by schools to engage with students and parents. SeeSaw users had their login details stolen from other platforms which were then used to access the app and send explicit images to other users. Whilst only 0.5% of the app’s users were affected, the incident serves as a reminder that multi-factor authentication can protect organisations of all sizes including schools.
4. Rise of targeting phishing attacks
This month the Financial Conduct Authority issued a warning that a combination of COVID, the energy crisis and rising living costs was making individuals and businesses more vulnerable to scammers using misdirection and phishing tactics. Targeted scams use information collected through earlier scams or through easily available information about employees or companies to make their attacks more convincing. Geo-targeting and personalisation can make these scam emails and texts almost impossible to distinguish from the real thing.
Using an IT audit to anticipate and address cyber security threats
A thorough IT audit can be used to identify and address security weaknesses across your network and ensure your cyber security practices comply with regulations. Some signs you should consider conducting an IT audit include:
- Your organisation is reliant on old tech
- Your policies and procedures are outdated
- You do not audit regularly and consistently
- You fear adopting new tech will leave your business exposed
An IT audit has many benefits, not least that it will show you where you should focus your efforts when building a reliable cyber security resilience framework. A good IT audit will:
- Reduce the risk of data breaches,
- Minimise the possibility of financial losses
- Ensure cyber security best practices are being followed
- Prevent penalties for non-compliance and reputational damage
- Provide insights into possible cyber security improvements
When you plan your IT audit you should focus on covering the following areas:
- Data security: this includes who can access your network, how sensitive information moves through your organisation and how data is secured and stored
- Operational security: the security policies, procedures and controls that are in place
- Network security: who has access to your network, how it is protected and monitored
- System security: the structure of your IT systems, the software used, how it is updated and who has privileged access and control of the system
- Physical security: your premises as well as physical devices that are used by your employees as well as the places sensitive information is stored
We understand that auditing your organisation’s IT and cyber security can feel overwhelming which is why Fruition Consulting can provide the expertise you need
Our mission is simple, to help our customers accelerate their digital journey and achieve their business goals, safely and securely.
Cyber security is already a priority for organisations across all industries, but where do you start if you are falling behind, need to rapidly scale up your infrastructure or simply need to streamline your current efforts to improve business efficiency?
Fruition Consulting is perfectly placed to support and guide you, from an initial strategy to implementation of required changes. Our access to the best technology talent in the country means we can provide you with the people you need, when you need them.
Get in touch to find out more.
