Mimecast Launches Innovative Human Risk Management Platform

Organisations can now revolutionise their approach to mitigating employee risk with a new human risk dashboard and adaptive education solution.

Mimecast, a global leader in cybersecurity, has unveiled its Human Risk Management (HRM) platform, marking a significant milestone in advancing towards the next generation of cybersecurity solutions. Responding to growing customer demand for more effective ways to reduce risk stemming from employee errors, Mimecast has introduced an integrated HRM platform. This platform offers unprecedented visibility into an organisation’s risk profile, scoring users based on risk and empowering security teams to educate and protect the most vulnerable parts of their workforce.

Human Risk Management Platform: Addressing Complex Challenges

A small fraction of users often account for the majority of security incidents. However, until now, organisations have relied on disparate security products that fail to differentiate between different levels of risk among employees. This results in frustrated users who disregard constant security warnings and bypass scattered controls, ultimately increasing both individual and organisational risk. Mimecast’s integrated HRM platform, built on a central risk engine, aims to counter evolving threats targeting human errors within organisations. The platform provides proactive controls and direct interventions to mitigate risks associated with behaviours such as clicking on malicious links, opening harmful attachments, or unintentionally sharing sensitive documents.

In today’s interconnected environment, employees have access to numerous collaboration tools and vast amounts of organisational data, making them prime targets for sophisticated attacks like business email compromise (BEC) and phishing. However, their constant multitasking and use of multiple tools also make them more susceptible to errors. Traditional security measures often fall short in addressing these human-centric risks, leaving organisations vulnerable.

“Our platform focuses on safeguarding organisations against employee errors and user mistakes, integrating essential defence and data controls to deliver one of the most comprehensive approaches to human risk management,” explained Marc van Zadelhoff, CEO of Mimecast. “We offer a unified solution that consolidates various technologies – from Mimecast and numerous partners – to help organisations protect collaboration environments and engage employees in risk mitigation.”

Human Risk Dashboard: Unmatched Visibility

The HRM platform features an innovative human risk dashboard, offering security teams company-wide risk scoring and visibility based on event data from native Mimecast metrics as well as current and future integrations with third-party tools. Beyond providing enhanced visibility at organisational, group, and individual levels, this dashboard quantifies attack factors by measuring the frequency and severity of inbound threats. Plans include analysing inbound phishing attempts, blocked malware, malicious web content from visited sites, and more. With complete access to this data, organisations can tailor security strategies accordingly, including awareness initiatives that provide targeted training where most needed and less where it’s not.

Mimecast Engage™: Revolutionising Security Awareness

A cornerstone of the platform is Mimecast’s new human risk awareness training, Mimecast Engage™, designed to redefine how security leaders manage human risk. Traditional security awareness programmes typically adopt a one-size-fits-all approach, making it difficult for IT leaders to identify high-risk employees or effectively mitigate risky behaviors. Mimecast Engage technology integrates insights from the human risk dashboard with the awareness training product acquired from Elevate Security in December 2023. This integration eliminates blind spots by offering extensive visibility into risky behaviours and tailoring interventions to each employee’s unique risk profile. This approach also boosts productivity by minimising interruptions for low-risk employees, allowing them to focus on critical business tasks.

“Mimecast Engage awareness and training empowers security teams to identify and mitigate risky behaviors with smarter, targeted training interventions,” said van Zadelhoff. “It leverages risk insights from the Mimecast ecosystem and beyond to deliver contextual interventions at the point of risk, enhancing overall workspace security.”

Key Benefits of the Human Risk Management Platform:

  • Visibility: The comprehensive human risk dashboard covers the collaborative landscape, helping organisations stay ahead of evolving threats.
  • Insight: With over two decades of cybersecurity expertise, Mimecast’s HRM platform aligns cyber and human risk for detailed, actionable insights, enabling informed decision-making by CISOs and security analysts.
  • Action: The AI-powered platform ensures rapid threat detection and elimination, supporting precise, proactive decision-making.

Mimecast is driving innovation in human risk management. Its HRM platform and Mimecast Engage technology set a new standard for security, embedding protection into every facet of human interaction in an increasingly complex digital world.

Take Action on Human Risk Today

Don’t wait for a security incident to expose vulnerabilities in your human risk management strategy. Strengthen your defences now by implementing a comprehensive approach to managing employee risk. Our team offers tailored solutions, from advanced visibility into risky behaviours to automated security awareness training, helping you stay ahead of potential threats. Get in touch to find out how we can support your organisation’s cybersecurity efforts with proactive human risk management.

 

The Critical Importance of Patch Management: Safeguarding Against Threats Like CVE-2024-38063 

In today’s rapidly evolving digital landscape, effective patch management is not just a best practice—it’s a necessity. The recent disclosure of CVE-2024-38063, a critical Remote Code Execution (RCE) vulnerability affecting Windows systems with IPv6 enabled, underscores the importance of timely patching. While this vulnerability has been patched, it serves as a stark reminder of what can happen when systems are left exposed. In this blog post, we’ll explore the significance of patch management, drawing on insights from the Tech Takeaway podcast, where Jason and Paul discuss the vital role it plays in cybersecurity.

What Is Patch Management? 

Patch management is the process of regularly updating your systems, applications, and devices to protect them from vulnerabilities. It’s a crucial defence against potential exploits, such as the one posed by CVE-2024-38063. This particular flaw, which allowed attackers to execute arbitrary code remotely by exploiting how Windows processes IPv6 packets, could have led to catastrophic system compromises if left unpatched. By applying the latest updates, organisations can close these security gaps before they can be exploited. 

The Crucial Role of Patch Management in Security 

Unpatched systems are a significant source of security breaches. As highlighted in the Tech Takeaway podcast, it’s shocking how many organisations fall victim to attacks due to outdated software. Even when patches are available, they often go unimplemented for years, leaving systems vulnerable. The swift release of a patch for CVE-2024-38063 by Microsoft demonstrates the importance of being proactive in patch management. Regular updates can prevent the exploitation of vulnerabilities, reducing the risk of ransomware, data breaches, and other cyber threats. 

Common Challenges in Patch Management 

Patch management isn’t without its challenges. Many assume that running regular Windows updates is sufficient, but as Jason points out, this is a dangerous misconception. Effective patch management requires attention to all software layers, including third-party applications, firmware, and network devices like IP cameras and printers. The complexity of managing updates across a large network can make this process daunting, particularly without the right tools. 

Best Practices for Effective Patch Management 

To protect your organisation, consider the following best practices for patch management: 

  • Systematic Updates: Develop a structured approach to ensure all devices are regularly updated. 
  • Use of Tools: Employ tools like WSUS for Windows environments and third-party solutions for comprehensive patching. 
  • Prioritisation: Focus on high-risk vulnerabilities, but don’t neglect lower-risk patches. 
  • Testing and Backup: Always test patches on a few devices before full deployment and have a backup plan in place. 

 

The Role of Automation and Tools in Patch Management 

Automation is a game-changer in patch management. With specialised tools, organisations can manage updates across even the most extensive networks, ensuring that all systems—including remote devices—are up to date. These tools not only streamline the process but also reduce the risk of human error, making it easier to maintain a secure network. 

Conclusion 

The discovery and swift patching of CVE-2024-38063 highlight the critical importance of patch management in today’s cybersecurity landscape. By keeping systems updated, organisations can protect themselves against the latest threats and ensure business continuity. As Jason and Paul from the Tech Takeaway podcast advise: “Patch, patch, patch!” 

Act Now 

Don’t wait for a security breach to reveal gaps in your patch management strategy. Implement a robust process today to keep your systems and data secure. If you need assistance, our team offers tailored solutions to streamline and automate your patch management, helping you stay ahead of potential threats. Contact us to learn more about how we can support your cybersecurity efforts. 

Check out our Tech Takeaways podcast episode titled ‘Mastering patch management’ where hosts Paul and Jason look into common challenges and misconceptions as well as impact on users and businesses.

 

Microsoft and CrowdStrike’s Imperfect Storm

Friday 19th July was not a lot of fun for quite a lot of people, and that certainly included those at both Microsoft and CrowdStrike, as both organisations had incidents that had a significant impact on systems and people across the globe.

What happened?

Firstly, Microsoft made some changes in their central US region that did not act as expected and impacted Azure and M365 services. While it was identified quickly and fixes were applied, it still had global impact and meant service degradation for many customers. Secondly, CrowdStrike had an issue with a content update. Like most security firms, it pushed out a content update to ensure its endpoint agent had the latest security intel. However, as their CEO George Kurtz stated, “The system was sent an update, and that update had a software bug in it and caused an issue with the Microsoft operating system”. That issue caused Windows devices to “Blue Screen”. For many this meant not being able to access their devices and get on with their work. But it also had other wide-ranging effects across multiple sectors, as it also hit Windows-powered devices like kiosks, signage and control systems, making them unusable, causing services to fail and leading to widespread disruption.

Questions

This article isn’t about pointing fingers; rather, I just wanted to take a couple of minutes to ask: what have the events of Friday taught us?

As with all incidents, we should take some time to analyse what the incident means and what we can learn from it.

For me, it raised two obvious questions. The first is about resilience: both cases showed what can happen when we have all of our IT eggs in a single basket, because if that service fails you, the impact can be significant. The second is about update policies. As an industry, especially around cybersecurity, we advocate the importance of patching quickly. Some cybersecurity frameworks even dictate it. But what Friday showed is what can happen if a faulty update is pushed out.

Answers?

It’s very easy to jump into answer mode and state seemingly obvious answers to quite complex questions. It’s easy to say things like:

  • You shouldn’t have your eggs in one basket.
  • You shouldn’t use this vendor.
  • You shouldn’t just roll out updates.

But the problem is that these things are rarely that simple. For example, not having all your eggs in one basket sounds sensible, and maybe in future customers won’t use a single vendor across all their endpoints, or have all of their infrastructure in a single cloud provider. But it’s not quite as easy as it sounds and it does have implications. It will lead to increased complexity, increased operations overhead, and subsequently increased costs. Does that mean you shouldn’t do it? No, but it is important to understand that these changes have consequences and, as always, it is a balancing act.

All about risk

While there are no easy answers to this, what it does remind us is that IT infrastructure resilience and risk are inextricably linked. When we look at potential ways of mitigating the impacts we saw on 19th July, we need to balance that with risk. IT does not come with guarantees. And while it’s easy to point the finger at CrowdStrike or Microsoft, it’s important to note that it could easily have been two other vendors.

We also need to be aware that mitigating these types of risks isn’t free; it comes with a cost and has to be judged against the constant IT cycle of:

What’s the risk of something happening, what’s the impact of it happening and what’s the potential cost associated with it?

As an example, let’s apply this lens to “don’t just update”. The reason vendors like CrowdStrike apply these types of content updates is to ensure their endpoint tools are 100% up-to-date to deal with the very latest threats. Now, we saw the impact of this sort of update having an issue, and it’s easy to say, “well, don’t update straight away”. But what’s the risk of not having our security tools get the latest updates in a timely manner? Because, while the CrowdStrike incident was hugely impactful, the question to ask is, what’s the impact of not doing it, what risk does it pose and what is the potential cost of that risk? Is the cost of the risk of updating immediately bigger than the risk of not doing it? Even as I write this, I realise there are nuances, even to this seemingly simple argument.

What to learn?

As a friend of mine, Howard Holton, highlights in his article “Navigating the CrowdStrike outage”, it “highlighted the vulnerabilities inherent in our interconnected world”. The fact that one failed update impacted thousands of devices and tens of thousands of people needs to be something to learn from, not just for vendors, but equally for us as customers. We should ask ourselves a few simple questions.

  • Where’s our risk?
  • How do we mitigate the risks?
  • What is the cost versus impact of these actions?
  • And if all else fails, what do we do about it?

IT is complex and incidents like this are rare, but they can happen. If there is one positive we can take from this incident, it is that we should all be able to learn from it. And, if we act upon what we learn, we will be better prepared for the next time.

Our team at Gardner Systems is ready to assist you in finding solutions that best fit your organisation’s unique needs. For any queries or to discuss this in more detail, please do not hesitate to contact us. 

Call us at 0151 220 5552, email us at Info@gardnersystems.co.uk or fill out a contact form here.  

Mastering Microsoft’s Price Shifts: What UK Organisations Need to Know

In the ever-evolving landscape of IT services, staying informed about vendor changes is crucial for effective budgeting and strategic planning. As a trusted IT partner, Gardner Systems is committed to keeping you updated. Last year, Microsoft announced some changes in their pricing structure that, together with further changes, could influence your organisation’s expenses.

Understanding the Changes 

Microsoft’s Price Increase in 2023 

Last year, Microsoft raised its service prices by 9% in the UK. This adjustment was part of an effort to harmonise prices across various regions, including aligning UK prices with those in the US. This allows Microsoft to provide consistent pricing in different markets.

Introduction of Semi-Annual Price Cadence 

Microsoft has also introduced a new pricing model: the semi-annual price cadence. This model allows it to modify prices twice a year, aligning with market dynamics and maintaining consistency across regional price lists. However, this could introduce some unpredictability for customers, especially those without long-term contracts. 

Why Does This Matter for Your Organisation? 

For organisations not under long-term agreements, these semi-annual adjustments could lead to unexpected cost increases. Factors like inflation and further pricing adjustments from Microsoft could significantly impact your IT budget.  

Microsoft plans to regularly evaluate pricing in local currencies every six months, factoring in currency fluctuations compared to the USD. Its aim is to enhance transparency and predictability for customers worldwide. 

What can you do? Consider a 12-Month Contract 

To reduce these uncertainties, consider a contract with a minimum duration of 12 months. This approach could provide several benefits: 

  1. Price Stability: A 12-month contract would “lock in” your current pricing, shielding your organisation from potential mid-year increases. 
  2. Budget Predictability: With stable costs, you can plan your budget more effectively, knowing your Microsoft expenses will not change for the next year. 
  3. Strategic Flexibility: This arrangement allows you to align your IT strategy with Microsoft’s evolving services without concerns about sudden price fluctuations. 

Why Gardner Systems? 

  • Expertise: Our experienced team is well-equipped to handle modern IT complexities, providing solutions that address your specific challenges. 
  • Customised Approach: We understand every business is unique. Our services are designed to meet your precise needs, offering comprehensive support from consultation to ongoing management. 
  • Results-Driven: We’re committed to enhancing your IT operations, reducing costs, and helping you stay competitive in the digital landscape. 

Our Key Offerings: 

  • Cost Optimisation advice: Gain detailed insights into your cloud usage and spending, with tailored recommendations to maximise efficiency and reduce costs without compromising performance. 
  • Exclusive Microsoft Workshops: Keep your team ahead with customised learning paths led by Microsoft-certified trainers, covering the latest technologies and best practices. 

How We Can Help 

Our team at Gardner Systems is ready to assist you in adapting to these changes and finding solutions that best fit your organisation’s unique needs. For any queries or to discuss this in more detail, please do not hesitate to contact us. 

Call us at 0151 220 5552, email us at contactus@gardnersystems.co.uk or fill out a contact form here.  

CTO Insights January Newsletter

CTO Insights January 2024  

A new year, a new set of technology challenges and opportunities to tackle in 2024. As always with a new year, it’s a chance to look forward. This being IT let’s not look too far forward though! What’s likely to be challenging us in the first part of 2024? 

No escaping the AI beast 

The use of AI will continue to dominate business IT conversations. Microsoft’s Copilot, OpenAI, Google etc. are all continuing to push these technologies into every area of our lives. Copilot is a particularly interesting one, with Microsoft already including it as an app in Windows 11, free as part of its Bing Chat service, and of course as an increasing presence across Microsoft 365.

It’s not just here though. At the recent Consumer Electronics Show (CES2024) AI was front and centre. This included the intriguing Rabbit R1 which is an AI-powered “pocket companion”, imagine a smartphone with an AI interface. Techradar also ran a story from CES about Volkswagen being the latest car manufacturer to build ChatGPT into their cars, although I’m not sure I’m quite ready for that, it shows how AI will continue to become ever more pervasive. 

As IT business leaders we do need to prepare for this and have the appropriate controls in place to ensure we use AI appropriately in both business and personal settings.

The Cybersecurity threat isn’t going anywhere 

No surprise here, as cybersecurity is never going to be done. A friend of mine, Kirk Ryan, recently posted this blog regarding cybersecurity trends in 2024. Two tips caught my attention. His “AI Arms Race” pointed towards the cybersecurity threat posed by AI, and how technology such as deepfakes presents new threats that in reality are difficult to stop. This is an emerging area that business and security leaders need to understand, finding ways to identify these threats. Much of this will need to be manual, however, as right now it’s hard for technology alone to stop them.

He also discusses “The Great Cloud Caper”. Cloud has certainly increased the threat posed by leaked credentials and poorly configured security. While leaked credentials leading to the deletion of cloud infrastructure is thankfully rare, less rare is the threat posed by misconfigured cloud accounts and services. We continue to hear of misconfigured cloud repositories leading to significant data leaks.

How secure is your cloud infrastructure? This is a question we should all be asking. Certainly, we should be carrying out regular basic security auditing to ensure we don’t have basic misconfigurations. We should ensure we are not over-provisioning guest access to our Teams groups and SharePoint sites, or leaving under-protected, over-elevated accounts that, if breached, can be used to wreak havoc in our cloud environments.

Managing Costs  

Not surprisingly, we are going to see continued economic pressures on business, and IT is a part of that. Whether it’s capital expenditure or operational costs, better insight into them is increasingly in demand, especially with cloud spend. Having insights, especially predictive insight, into cloud costs should be a consideration for anyone with any kind of complexity to their cloud environments, especially those with multi-cloud setups. Knowing the best place to run a workload, and understanding how to right-size it, can significantly reduce overall costs. But this is also true on-premises: making sure we are running a right-sized environment can reduce capital and operational costs. It’s a difficult area to manage, but it is, rightly, going to stay high on the agenda as we move through 2024.

While no doubt there are other areas of interest, I imagine much of the initial part of 2024 will see us dealing with those three areas. 

Tech Takeaways 

New year, new episodes! In 2024’s first episode, we are discussing alternative networks. These are connectivity providers who live outside of the UK’s traditional BT and Virgin Media networks. Alt-nets own their infrastructure and build their services, which opens a range of custom services that can appeal to businesses of all types. Is an Alt-Net something that you could use? Dave Ferry of ITS joins us to explain more. Find the video version here or, if you prefer audio, it’s here.

CTO Insights  

In episode 2 of CTO Insights, I’m joined by NetApp field CTO, Grant Caley. With 20+ years at storage vendor NetApp, Grant has great experience and he shares a broad set of insights into the data industry. Join me as we explore the future of data ranging from cost optimisation to backup and recovery. 

You can watch the video here or if you prefer listen to the audio version here. 

Thanks for reading CTO Insights, look out for more coming soon. 

 

Optimising Your Microsoft 365 Environment: Why It Matters

In today’s digital age, businesses are increasingly relying on cloud-based solutions for their productivity and collaboration needs. Microsoft 365 (formerly known as Office 365) has emerged as a go-to platform for organisations seeking to enhance their workflow and boost efficiency. However, simply adopting Microsoft 365 is not enough. To truly maximise its benefits, it’s crucial to optimise your M365 environment. In this blog post, we will delve into the importance of optimising your Microsoft 365 environment and provide some practical tips to get you started.

The Significance of a Well-Optimised M365 Environment

  1. Enhanced Productivity

An optimised M365 environment ensures that your employees can work seamlessly and efficiently. When your tools and applications are configured to align with your specific business needs, tasks become easier to complete. This, in turn, leads to increased productivity across the organisation. Features like real-time collaboration, cloud storage, and integration with other business apps become more powerful when optimised. 

  2. Cost Efficiency

Optimising your Microsoft 365 environment can help you make the most of your investment. By ensuring that you’re only paying for the features and licenses your organisation truly needs, you can reduce unnecessary costs. Additionally, streamlining processes and automating routine tasks can lead to significant savings in time and resources. 

  3. Enhanced Security

Security is a top concern for any organisation, and an improperly configured M365 environment can pose risks. When you optimise your environment, you can implement robust security measures, including access controls, data encryption, and multi-factor authentication. This reduces the chances of data breaches and ensures the confidentiality of sensitive information. 

  4. Scalability

As your business grows, your IT requirements will evolve. An optimised M365 environment is flexible and can easily adapt to accommodate changes in your organisation’s size and structure. Whether you need to add new users, departments, or features, an optimised environment makes scaling up or down a smooth process. 

  5. Improved User Experience

A well-optimised M365 environment leads to a better user experience. Employees will find it easier to collaborate, communicate, and access the tools they need. This can boost morale and job satisfaction, ultimately leading to higher employee retention rates. 

Practical Tips for Optimising Your M365 Environment 

Now that we’ve highlighted the importance of optimisation, here are some practical tips to get you started: 

  1. Conduct a Thorough Assessment

Begin by assessing your current M365 environment. Identify areas that need improvement, such as licensing, permissions, and configuration settings. A comprehensive audit will help you pinpoint areas for optimisation. 

  2. Customise Your Environment

Tailor your M365 environment to match your organisation’s unique needs. Customise SharePoint sites, Teams channels, and other applications to align with your business processes. Implement automation and workflows to simplify repetitive tasks. 

  3. Implement Security Best Practices

Enhance security by implementing best practices such as multi-factor authentication, data loss prevention, and email encryption. Regularly update security policies and educate your staff on cybersecurity awareness. 

  4. Monitor and Maintain

Continuous monitoring is crucial for ensuring your M365 environment remains optimised. Regularly review usage patterns, troubleshoot issues, and apply updates and patches as needed. Consider investing in management and monitoring tools to simplify this process. 

  5. Train Your Team

Proper training for your staff is essential. Ensure they are well-versed in using M365 tools efficiently and securely. Encourage ongoing learning and provide resources for continuous improvement. 

  6. Seek Expert Assistance

If your organisation lacks the in-house expertise to optimise your M365 environment, consider consulting with Microsoft 365 experts or managed service providers. Their experience can help you navigate complex configurations and ensure you’re getting the most out of your investment. 

In conclusion, optimising your Microsoft 365 environment is not just a one-time task but an ongoing effort that reaps numerous benefits. Enhanced productivity, cost savings, improved security, scalability, and a better user experience are all outcomes of a well-optimised M365 environment. By following the practical tips outlined in this blog, your organisation can harness the full potential of Microsoft 365 and stay competitive in today’s digital business landscape.

Free Health Check 

Unsure of the savings you could be making in your Microsoft 365 or Azure environment? Want to know more about your employees’ adoption and usage of new solutions? Keen to better understand security and identity vulnerabilities?  

We’ve been running free health checks with our clients to help answer two simple yet significant questions:

• Am I investing in the right licenses?
• Am I making the most of my licenses?

This helps our clients optimise, secure, and control their environments, which can result in savings between 19% and 36%.

To claim your free M365 health check, fill in a contact form here or call us at 0151 220 5552 

Not convinced? Why not check out a series of podcasts that give you more information on the value of optimising your environment.

Stop spending too much and optimise your m365 costs | Ep 2 

Unlocking Cloud Optimisation Strategies | Ep 25 


Optimising cloud costs | Ep 30 

CTO Insights December Newsletter – Black Hat Europe Special

The end of the year is quickly approaching and of course, your mailbox will be full of lookbacks and look-forwards, so I’ll save you one more by not doing any of that here. Instead, I thought I’d share with you some of my findings from my trip last week to Black Hat Europe in London (Dec 4th–7th). Now that’s much more fun, isn’t it?

The sessions 

As it turned out I didn’t get a chance to do as many sessions as I would have liked, but the ones I did were interesting.  

The threat of DeepFakes 

I’ve spoken with a few industry experts on this topic this year and it’s going to be a huge challenge. This year has seen the commoditisation of Generative AI. This has created opportunities for businesses to find new ways to innovate, but it has also introduced new ways to innovate for cybercriminals. If you think about some of the uses of this tech, we already see, from Instagram to Zoom, the ability to add filters, change the look of someone, and add backgrounds in real time, all in an app at the click of a button. Cybercriminals are similarly using these accessible tools to carry out more innovative attacks. For example, tools from companies such as resemble.ai, which allow for speech creation, are being used to try to carry out attacks against voice security or to try to con an individual into engaging in a conversation. This type of attack is very difficult to recognise and stop, and shows the scale of the challenge. There is little by way of technology that can tackle this currently, so awareness and education are crucial in trying to tackle it; knowing it’s a risk and looking at how to recognise it is essential. One good bit of advice here was to remember some of the basics of cybersecurity: if you are not expecting it, then treat it as suspicious.

As a little addition to this, I grabbed this screenshot of something that raised a smile. It shows how creative criminals can be! Here using fake fingers to come up with an AI defence in court, technology eh! 

Threat trends 

It’s always interesting to understand where threats are coming from. Threats continue to develop across a broad spectrum of areas. There were a few interesting statistics I picked up during my time at the event, that should help to provide us with some focus on future threat vectors. 

API-based attacks – There has been a doubling of cyber-attacks on APIs in the past 12 months. This makes sense when you look at our increased demand for integration and automation between platforms. In many instances, we no longer consider solutions if they don’t “publish their APIs”. However, that presents a potentially significant risk, as unsecured APIs are a great route for a cyber attacker. Luckily there is an increasing number of API security tools available in the market, and their adoption can deliver high value. But API security is not yet table stakes for many as we review our security options.

Ransomware – continues to dominate, with some shocking statistics shared by various vendors, including a 143% growth in zero-day attack victims and a 42% increase in attacks on manufacturing. A rapidly evolving approach to tackling this challenge is network micro-segmentation. This is usually based on software-defined policies with extremely granular controls allowing for context-based segmentation. This has two potential benefits: firstly, it builds new security boundaries into your network environment and, secondly, in the event of an attack it can more effectively reduce the “blast” by limiting how much lateral movement an attacker can gain from a compromised machine.

DDoS attack growth – this was an interesting area, almost like welcoming back an old friend. While basic as an attack method, it can be hugely effective in reducing access to systems and services. Threat actors have recognised this, with growth in DDoS attacks across a variety of sectors including manufacturing and financial services. Stopping these attacks can be difficult, but there are technology shifts that help reduce the impact of DoS attacks. These include architecturally building DNS resilience with edge platforms and cloud services, and the development of scrubbing technology both at the edge and across cloud apps and infrastructure.

The threat landscape does continue to change, and it is important as CTOs that we try to stay ahead of potential threats and the mitigation steps we can take. Events like Black Hat are always useful in that way and can be a good source of education and an effective way to evaluate a range of the leading vendors in the space. 

Beyond Black Hat

The second of our CTO Insights videos is now available for you to enjoy. This time my guest is NetApp Field CTO, Grant Caley. Grant has over 20 years in the data and storage industry, with much of that time spent at NetApp. During our 25-minute chat, we talk about a wide range of modern data challenges and how some of our more traditional approaches to dealing with them are more than valid today. Grant shares insight on data management, optimisation, data platform integration, and the important part that your data storage plays in your business security.

Grant’s a great guy to chat with and offers some insightful views of the evolving world of data. 

The full video is available on our YouTube channel or, if you prefer it in four bite-sized chunks, then we have that too; you’ll find part one here. If you’d like to check out our range of Tech Takeaway podcasts, you can see those here.

Merry Christmas  

That leaves me with just one thing to say at this time of year and that is to wish you all a Merry Christmas and enjoy the Christmas break, if you are lucky enough to get one. While the world of technology never really stops, this is at least a chance to pause, enjoy time with those closest to you and set yourself up to tackle 2024 head on. 

Enjoy the holidays and CTO Insights will be back in the new year. 

Strengthening Security with Multi-Factor Authentication

In today’s digital era, safeguarding the security of your online accounts and sensitive data is crucial. The conventional username and password combo, once seen as a robust security measure, no longer provides sufficient protection. As cyber threats continue to evolve, becoming ever more sophisticated, it’s high time to embrace Multi-Factor Authentication (MFA) to fortify your digital defences. 

What Exactly is Multi-Factor Authentication (MFA)? 

Multi-Factor Authentication, often known as MFA or 2FA (Two-Factor Authentication), necessitates users providing two or more forms of identification before gaining access to an account or system. This introduces an additional layer of security beyond the traditional username and password, making it considerably more challenging for unauthorised individuals to gain access. 

How Does MFA Function? 

MFA typically draws on three distinct categories of authentication factor:

  • Something You Know: This corresponds to the conventional username and password. It’s the knowledge-based factor and serves as the initial line of defence. 
  • Something You Have: This can be a physical device like a smartphone or a hardware token. Following the input of your username and password, you’ll be required to provide a code generated by the device or received through a mobile app or SMS. 
  • Something You Are: This refers to biometric authentication, such as fingerprint recognition, retina scanning, or facial recognition. The inclusion of biometrics enhances security significantly. 

The Benefits of MFA 

  • Heightened Security: MFA substantially minimises the risk of unauthorised access, even if an intruder manages to acquire your password. They would still need access to your second-factor authentication method. 
  • Resilience Against Phishing: MFA serves as a robust defence against phishing attacks. Even if you inadvertently disclose your password to a fraudulent website, the attacker will still require your second-factor authentication. 
  • Compliance Obligations: Many regulatory frameworks and industry standards, such as GDPR and HIPAA, mandate the implementation of MFA to safeguard sensitive information. 
  • User-Friendly Experience: Modern MFA solutions are designed to be user-friendly and convenient. Mobile apps and biometric methods have streamlined the process for users. 

Deploying MFA Within Your Organisation 

To effectively implement MFA within your organisation, consider the following steps: 

  • Select the Most Appropriate MFA Method: Choose the MFA methods that align with your organisation’s specific requirements. Options include SMS-based codes, mobile apps like Google Authenticator, or hardware tokens. 
  • Educate Your Users: Provide comprehensive training and guidance to your employees or users on setting up and using MFA. Ensure they appreciate the significance of this additional layer of security. 
  • Continuous Testing and Monitoring: Regularly assess your MFA system and closely monitor for any suspicious activity. Be prepared to respond swiftly to any security incidents. 
  • Explore Adaptive Authentication: Certain MFA solutions offer adaptive authentication, which evaluates the risk level of login attempts and adapts the authentication requirements accordingly. 

In conclusion, Multi-Factor Authentication stands as a vital tool for safeguarding your digital assets in a progressively perilous online landscape. By incorporating MFA, you can significantly elevate your security posture and diminish the risk of unauthorised access to your accounts and systems. Stay one step ahead of cyber threats and make MFA an integral component of your cybersecurity strategy today. 

Want to learn more about MFA? Listen to a recent Tech Takeaway episode titled – The Evolution Of MFA

If your organisation needs help in deploying MFA, please feel free to contact our team by filling out a contact form by clicking the ‘contact us’ button in the top right of the page. Alternatively, you can email us at sales@gardnersystems.co.uk and a member of the team will be in touch.

 

CTO Insights November Newsletter

Welcome to this latest CTO Insights November newsletter, it has been a hectic time recently so please excuse the extended gap between editions. I’m sure you are keen to know what’s been catching my attention since we last spoke? 

Something new

As a CTO I’m always looking for new crazy ideas to share information, and here’s one of them, our new CTO Insights videos! This series of videos sees me chat with an industry expert about a particular topic. First is Jon Hope, Senior Technologist at Sophos. Jon joined me for a wide ranging chat about the current state of cyber security and what the future holds. 

The overall chat is around 30 minutes, but to make life a little easier I’ve broken it down into bite size 5 minute videos. 

The first two of these (alongside the longer version) are available for you now. 

In part one we discuss the recently released Sophos Ransomware Threat report and what it means for CTO/CISOs and whether paying ransoms is ever the right thing to do. 

You’ll find part one here. 

In part two, we discuss the inevitability of attacks, how attacks have modified into double and triple “dip” attacks and what to do about them. We also discuss incident response plans and why it’s essential to have them.  

I’d love your feedback on the format and what topics you’d like me to cover in future videos. 

Looking after your security team

Back in mid-September I attended a Future of Cybersecurity event in Manchester. There was the usual mix of vendors and presentations. But two in particular caught my attention as they discussed cybersecurity wellbeing. The sessions shared a couple of troubling facts.

  • Gartner reported 25% of Cyber Security Leaders will change careers by 2025 due to burnout.
  • Forrester reported that 66% of IT security staff felt they were suffering stress and, of those, a further 50% were taking medication to help.

Those statistics are not things we can accept, and we cannot shrug our shoulders and hope it gets better. Even from the most basic of business views, it is untenable, as overstressed staff are more likely to make mistakes, and when it comes to cybersecurity it is mistakes that threat actors prey on.

How do we remove stress from our team? I imagine there is no easy answer and I’m not going to try to give one, but I did find a couple of good tips in this WatchGuard blog.

End user education – Education can help reduce threats and incidents and therefore the burden on your security teams. 

Automation – Automate repetitive and time-consuming tasks so the team can stay focused on the priority areas. 

Consolidation – Reducing the number of technology vendors in your security suite can help both reduce risks caused by gaps between tools and improve operations by allowing more to be achieved within a single platform.

There are a couple of other additions I’d consider.

Managed Services and AI – Managed solutions such as MDR can help greatly reduce the burden on security teams, providing them with an experienced security team on hand 24×7. It’s also worth looking at how vendors are using AI to reduce time-consuming tasks and help prioritise risks and threats.

Security Culture – Build as positive a security culture as you can. Make sure both your staff and your security teams feel that they are taken seriously, listened to and supported, and that if the worst happens, there will be no scapegoating. Security is too complex to expect perfection, so let’s not apply pressure by thinking that it is.

Your Copilot to the future 

Back in October I attended Microsoft’s Envision conference in London, which brought out the Microsoft “big guns”, none bigger than CEO Satya Nadella (seen here with UK CEO Clare Barclay). The event was focused on Microsoft’s Copilot technology. Copilot is the product name for its integration of generative AI throughout its cloud platforms. This ranges from the generally accessible Bing Chat service, which provides you with GPT-4-powered integration with its search engine, through to its subscription add-on services, like integrating data sets for building learning models, and its soon-to-be-available Security Copilot.

Copilot is interesting, as it is likely to be the first fully enterprise-managed, large-scale AI that many businesses will see. It will be baked into everyday tasks, from content creation to summarising long documents and Teams meetings. It is this, in a common everyday application like Microsoft 365, which is likely to bring business AI to the masses. I’m fascinated to see how this will be adopted and where it will lead, both in innovation and in better understanding of risks. We recently did a Tech Takeaways episode, Exploring the Horizon with Microsoft Copilot, discussing a little more about Copilot and its potential impact.

I’d be interested to hear from others about your thoughts and plans for Copilot, so do please share them. 

That’s all for this edition of the newsletter. I have a couple of weeks of travel coming up, with a little holiday in Denmark before setting off to London for Black Hat Europe, so if you are going to be at the event, let me know.

Look out for the next CTO Insight Newsletter coming soon.  

Trick or Treat: Hacker’s tricks and how to treat them

As the nights draw in and the eerie period of Halloween takes hold, our thoughts turn to the spooky cyber threats lurking in the digital shadows. Much like the ghostly apparitions and mischievous spirits of Halloween, hackers revel in mischief, preying on vulnerable networks and unsuspecting individuals. In keeping with the Halloween spirit, let’s delve into the tricks employed by hackers and the treats we can utilise to fend them off. 

Trick 1: Phishing Schemes 

Phishing remains a favourite among hackers, casting out deceptive emails or messages, aiming to entice victims into divulging sensitive information. 

Treat: Implement robust filtering solutions to catch these deceptive emails before they reach inboxes. Conduct regular training sessions to educate your team on recognising phishing attempts and establish a clear protocol for reporting suspicious communications. 

Trick 2: Malware Attacks 

Malware is the digital bogeyman, lurking unseen only to wreak havoc once within the confines of your systems. 

Treat: Ensure your antivirus software is up to date, and schedule regular scans to catch and remove any malicious software. Educate your team on safe browsing practices and the risks associated with downloading files or software from untrusted sources. 

Trick 3: Ransomware Hauntings 

Ransomware is the modern-day haunting, hiding in the dark corners of your infrastructure waiting for the right moment to jump out and scare your data into hiding behind the couch of encryption! Then waiting for payment before letting it come back out again!

Treat: Maintain regular backups of critical data to mitigate the damage of a ransomware attack. Keep your systems updated with the latest security patches and employ network segmentation to contain and isolate any ransomware outbreaks. 

Trick 4: Social Engineering Spells 

Through cunning social engineering, hackers weave a spell to manipulate individuals into revealing confidential information or performing actions that compromise security. 

Treat: Foster a culture of security awareness within your organisation. Run regular training sessions to help your team recognise and resist social engineering attempts, focusing on skepticism and verification as key defensive measures. 

Trick 5: Unsecured Wi-Fi Witches 

Unsecured Wi-Fi networks serve as witches’ cauldrons, brewing trouble for any who dare to connect. 

Treat: Secure your Wi-Fi networks with robust encryption, change default credentials to shut out unauthorised access, and consider employing a virtual private network (VPN) to provide an added layer of protection.

Conclusion 

This Halloween, don’t overlook the importance of fortifying your digital realm against the myriad tricks hackers may deploy. By embracing the right cybersecurity treats, you can ensure a safe, spectre-free environment for your organisation, keeping the digital demons at bay.

If you’d like some more information on how Gardner Systems can help your business stay protected, then head over to Gardnersystems.com, contact us at sales@gardnersystems.com or 0151 220 5552.

Want to keep up to date with tech’s biggest issues? Subscribe to the weekly Tech Takeaways podcast here.
