CyberSecurity: Why your organisation needs to Get Wise to the New Threat Landscape

The CyberSecurity landscape changes every day, with new actors, new threats, new schemes, and new ways to infiltrate websites, emails, devices, and almost anything that is connected to the internet. We’re constantly reading about the rise of spear phishing, DDoS attacks, global malware threats, ransomware, CEO fraud, and more.

Screen 022.png

Despite all of the attention that CyberSecurity is receiving, there is still a widely held belief in the small- to medium-sized business or organization (SMB) that cyberattacks happen to someone else - the “Ostrich Effect”

Apparently, this is something that is prevalent in humans; it is our natural instinct to avoid unpleasant or difficult news or situations. Unfortunately, hiding from a problem doesn’t make it go away. It just continues without you, delaying the inevitable.

This is the state of CyberSecurity in the SMB market today. The threat exists. It’s real. It’s growing. It is not going away, and if we continue to bury our heads in the sand, it is going to get much worse. 

Ransomware as a Service or RaaS is a direct threat to SMBs

ransom.png

SMBs should be aware that Ransomware as a Service (RaaS) can be used by anyone with the desire to commit cyberextortion and this has changed the threat landscape. SMB's are now at more risk than ever before.
Consider these statistics:

  1. Cybercrime is expected to cost the world over $6 trillion USD by 2021.
  2. SMBs are under attack as cybercriminals understand SMBs have fewer resources and far less protection than larger entities.
  3. Half of all cyberattacks are against SMBs.
  4. Ostrich Effect statistics: 77% of SMBs say their companies are safe from cyberattacks, yet 83% of them have no formal cybersecurity plan.
  5. 6 out of 10 SMBs do not have a contingency plan should they undergo a cyberattack.
  6. 66% of SMBs say they are not worried about a cyberattack.
  7. Most SMBs do not have policies in place to provide procedures for employees in the case of an attack.
  8. While most small businesses feel that they have adequate protection for themselves and their customers, Visa, Inc. reports that SMBs represent over 90% of payment data breaches.  
  9. Most small businesses do not have any cybersecurity training in place for their employees, while 83% of breaches are caused by untrained employees being duped by phishing and spear phishing activities.

Being Proactive is the Way to Defend against Cyberattacks

datarisk.jpg

While the news on the CyberSecurity front is daunting, SMBs with a proactive plan of protection are far less likely to suffer a breach. When considering a plan for protection, these four areas should be reviewed:

  1. Risk Assessment—it is critical to know what data is at risk, where it is, and how to protect it.
  2. Risk Remediation—have a process to remove/back up/encrypt data to bring to “clean state.”
  3. Protection—utilize advanced technologies to secure a safe environment for your business and your customers.
  4. Education—instigate employee CyberSecurity awareness training.

A proactive approach to protection is the key to being safe for most businesses and organisations, whatever their size.

Remember,
if you are connected to the Internet,
you must be protected!

If you would like us to assist, please Ring us now 01-2166 970 or click here to send us a form.

Benefits of adding additional Memory to your Servers

Memory is what feeds processing cores, it’s one of the most effective and affordable ways to improve CPU utilisation and efficiency.
There are huge benefits of adding additional Memory(RAM) to your Servers that include:

  • It’s the fastest, easiest, most dependable way to increase Server performance
  • When CPUs are fully utilised, you will be able to use fewer Servers to accomplish more
  • Fewer Servers keeps power, cooling, and software licensing costs lower
  • It’s one of the best ways to cut costs and overcome workload constraints.

Additional Memory helps overcome 5 top server workload constraints:

  1. Limited budget: More memory helps increase CPU efficiency and utilisation, which in turn decreases a server’s cost of ownership because users are getting more performance out of it and are able to use fewer servers to accomplish more.
  2. Unexpected or unpredictable workload demands: More RAM helps eliminate quality of service variance because it provides extra resources for virtualised applications to store and use active data, which lives in memory.
  3. Limited floor space: Scaling up and using less servers optimises limited floor space and cuts power, cooling and software license costs.
  4. Rapid growth in user base: Hosting more users requires more RAM to maintain quality of service levels and gain system flexibility.
  5. High power and cooling costs: More RAM helps servers use power in the most efficient manner plus using fewer servers lowers total energy costs.

The bottom line:
Improve workload performance with more Memory, not necessarily more Servers

For more information, please contact us to discuss how we can help.

11 Tips on Internet Security

In recent times, the GDK Helpdesk has experienced a significant rise in Internet threats and in particular with Ransomeware such as Cryptolocker and Xepto. In most cases the solution to this problem was to restore from the last known good backup. GDK are taking this opportunity to remind our clients and our contacts of some of the best practices in relation to Internet and eMail usage. We are also making some suggestions below in relation to the Multi layered security approach that is now required to ensure a successful IT business continuity Plan.

  1. Use a Managed Antivirus product & and ensure it is active and up to date on your Servers, workstations, PC's and Tablets.
  2. Be careful of opening  emails from both known and unknown sources that look suspicious.
  3. Think twice and remain critical when opening attachments in e-mails or files downloaded from the Internet.
    Ask yourself if you trust the source and if they would send you this type of Email in the first place. Email addresses from the sender may be fabricated to look like yours.
    Never click links in emails or texts that seem to come from your bank, the Revenue or any other institution. If you think the message might be valid, log into your account directly, without using the supplied link.
  4. Be cautious with your passwords; don't use personal names, don't share them, make them difficult to break, use complex passwords. Implement a password change policy.
  5. Avoid using the internet to access your sensitive data in cafes or public places.
  6. Never leave your devices unattended.
  7.  Keep all software applications up-to-date with the latest patches including Microsoft Operating Systems
  8. Disable Java on your browser.
  9. Nothing is free. Be particularly careful of the source for free apps or software.  
  10. Don’t trust anything on the internet (even legitimate Web sites could end up delivering malware).  
  11. Back up your Data on all devices– not just your computer, but also your phone and your tablet ideally in both a local and cloud destination. Test the restore capabilities on a regular basis

What should Business Clients do?

  • Implement a robust data recovery procedure
  • Implement a multi layered security approach that would include:
    • Mail Protection (Includes anti-spam)
    • Server & Work Station Antivirus with up to date bit patterns
    • Implement a Workstation Management Policy which manages the Patch updating from all software applications.
    • Implement Web Protection on all workstations to avoid access to known malware internet sites
    • Insist on Firewall protection with additional security at the gateway for Antivirus, Anti Spyware and Intrusion prevention.
    • Configure your firewall to ensure remote users are who they say they are.

Call GDK for further information and how we have successfully implemented our Business IT Care plan for many clients.