Cybersecurity: Platform & Policy
Cybersecurity and protecting your business
We attended an interesting and useful cybersecurity seminar hosted by our local ISP Magnet, PwC and Palo Alto yesterday. A lot of good topics and good advice was dispatched, but the piece that resonated most with us was the topic of education. Pat Moran, Head of Cybercrime & IT Forensics at PWC said that for every €100 spent on security he would spend €95 of that on end-user training. Our experience leads us to concur with that.
Security at its core is always as weak as its weakest link. As a managed IT service provider, we have had to deal with malware incidents even with the layers of security including email filtering, Unified Threat Management (Firewalls from leading providers) and up-to-date anti-virus and malware protection. The tools and platforms are simply not enough. I like the approach that some vendors such as Sophos and Palo Alto are taking with regards to end-to-end security and threat visibility across the entire organisation. This connected thinking allows security solution providers to see, manage and remediate all risks through a single pane of glass.
But the USER is still the burning issue and the weakest link. Ransomware threats require human interaction to spread. Social engineering hacks are propagated through lax user awareness and poor policy design. Lost mobile devices and poor password management (i.e. the exact same weak password across social media systems) all contribute to the user as the weakest link.
What is required is a Security Policy and Awareness Programme that keeps your end-users of all types vigilant of the threats to cybersecurity. A security policy will also assist in designing out how the security solutions and platforms will be rolled out and policies designed. Without policy and awareness, there are no standards and no destination.
Thinking about outsourcing your IT security? We are a managed IT service provider and one of the few IT companies in Ireland to have earned an ISO 27001 certificate. Whether you just need some support or are outsourcing a complete IT function, get in contact today and we can discuss your options.