Iomart : Cyber Security webinar follow-up

We hosted a webinar on the 7th of April 2022. If you missed it, you can watch it at the bottom of this page.

Why did we host an iomart Security webinar?

We know that securing your business is a top priority for a lot of you, and we also know that it can be a minefield of complicated jargon, myriad technology solutions, and often pretty expensive stuff. So, to try and help cut through some of the chaos, we thought we'd host a little chat with our experts to help you separate the wheat from the chaff.

Why now though? Well, you've got us there. It just so happens we've recently launched a top of the range security service in partnership with the best threat hunters in the business: e2e-assure. We have two decades of experience building secure environments. e2e-assure has the highest certified security experts in the UK to hunt and detect threats. And we have the infrastructure expertise to proactively respond and eliminate risks. Not bad, eh?

Anyway, enough about that, we want to be a source of useful information you can take back to your business (regardless of whether you have a solution with us or not).

So, we've been busy speaking with different businesses about their security situation. And we found that:

• Security moves on so quickly and you find it a never-ending battle to stay on top of things
• You worry that while you're trying to focus on running the business, something might've been overlooked and a threat might've snuck in
• Off the shelf solutions aren't as secure as you need them to be straight out of the box and that's where you can get caught out.

What we did with everything we heard

We started to think about how we could offer some useful information to help solve some of these challenges.

Something that was super clear - knowing what to prioritise and where to invest was not, well, super clear. A lot of the worry was centred on the uncertainty that "everything was covered" and a feeling that the "threats move faster than the business can keep up". So, we figured the best thing we could do was to create an opportunity for a discussion. A chance to have a chat with the experts on the front line of security 24/7 and put your questions to them

The answer? Webinar time with the threat hunters

We pulled some strings and commandeered time with two of our security product experts: Messrs Andy Sinclair and Stuart Avery.

Interesting things we learned on the day

We ran a few anonymous polls. And found that 50% of attendees were a bit unsure, or lacking in confidence, about how well their business would respond if it fell victim to an attack.

The good news (yes, there is some good news) is that 36% of attendees felt their business "would do quite well" in response to a breach. This is encouraging news and underlines the focus security is now receiving. And the priority status it's earned in the boardroom.

How do you feel your business would respond to a breach if it happened tomorrow?

These results aren't hugely surprising given the uncertainty around how best to protect your business. But we also know global cyber intrusion jumped by 125% in the first half of 2021. And that 39% of UK businesses have identified a cyber attack in both 2021 and 2022. So getting our house in order has never been more important.

But don't just take our (or the ONS's word for it)… We asked our attendees what their own experiences had been in that past year.

Which type(s)of cyber security incident have you dealt with in the last 12 months?

We also asked about the specific challenges businesses were facing when it came to implementing security measures. These results are interesting. While security has, I think we can all now agree, become a boardroom focus, 25% of respondents felt one of their greatest challenges was an inability to assign enough budget to tackle the problem.

When it comes to cyber security, what are the top challenges your business faces?

This could be a sign of some business owners still not willing to invest as needed, or it could be an indication of the wider expense of trying to cover everything. The latter point seems to be more on the money (so to speak) when considered in the context of other responses:

• 42% struggling to keep up with "new/changing threats"
• 25% unsure "where to prioritise spend"
• 8% unable to hire or retain the "skills we need in-house".

As some of our earlier interviews showed, the breadth of the threat landscape, and its ever-changing shape, mean assigning a budget is a huge challenge.

So, we asked the experts: how do you know what you should focus on to get board buy-in?

Start with smaller, well-defined projects to reduce risk. And make sure you clearly articulate the benefits of these projects. Build your business case, including the impact cost of the risk, and the mitigation cost of the project. Set timescales for when the board will see the benefit. And engage positively with them. Make sure you follow up as you start seeing benefits. So the board are more likely to trust you with investment in the future. Use content and advice from a 3rd party subject matter expert, as it will give your business case a bit of weight.

Also, understand that every network is different, but every network has vulnerabilities and access points. So you'll need to understand what those vulnerabilities are and assess the risk they represent to your business. Think about how close they are to your critical function.

For example, administrators of a critical function might be using desktop assets to access a critical function. So securing that desktop is critical. And monitoring activity on that desktop or from that user is equally critical. So you might want to start there. But feel comfortable knowing that it will be different for each business, so if your focus is different to someone else's, that doesn't necessarily mean you're doing it wrong.

When was the last time you practised your cyber security incident response?

One of the other topics we covered during the webinar was simulating a cyber-attack and practising your response. A whopping (not a word I use often, but it seems appropriate) 92% said they'd either never tested their response or didn't know when it was last tested. That's a pretty large majority, but does it matter?

Again, we asked the experts…

How often should I be testing our cyber security response? And what does a good test look like?

A good test should be carried out by an external expert to make sure it's done properly (of course we'd say that, but we're not saying it has to be us!). It should include risk owners, system owners, resolver groups and security providers (where possible). And it would also be good to involve board members.

The test should be driven by scenarios that are relevant to your organisation. And lessons should absolutely be recorded accurately. There should be no negativity when it comes to any gaps and vulnerabilities you expose. Instead, the business should see these as opportunities to mitigate and strengthen. Realistically most organisations don't have the bandwidth to conduct these tests monthly (or sometimes even quarterly). But you should test at least half-yearly without board participation. And certainly, annually with board participation.

This is interesting, but I need a few more details

Despite our best efforts, there really is only so much we can cover on a fully attended webinar. But, if you're curious to ask a few more questions and would like to speak to one of the threat hunting team, drop us a line and we'll ask them to get in touch.

Keep an eye out for more webinars

We were really pleased with the turnout, along with the great questions we got on the day. So, we're keen to run more of these in the coming months.

Keep an eye out for more iomart webinars - or, even better, tell us what you'd like us to cover next. See you soon.