Trick or treat: Hacker’s tricks and how to treat them
As the nights draw in and the eerie period of Halloween takes hold, our thoughts turn to the spooky cyber threats lurking in the digital shadows. Much like the ghostly apparitions and mischievous spirits of Halloween, hackers revel in mischief, preying on vulnerable networks and unsuspecting individuals. In keeping with the Halloween spirit, let’s delve into the tricks employed by hackers and the treats we can utilise to fend them off.
Trick 1: Phishing Schemes
Phishing remains a favourite among hackers, casting out deceptive emails or messages, aiming to entice victims into divulging sensitive information.
Treat: Implement robust filtering solutions to catch these deceptive emails before they reach inboxes. Conduct regular training sessions to educate your team on recognising phishing attempts and establish a clear protocol for reporting suspicious communications.
Trick 2: Malware Attacks
Malware is the digital bogeyman, lurking unseen only to wreak havoc once within the confines of your systems.
Treat: Ensure your antivirus software is up to date, and schedule regular scans to catch and remove any malicious software. Educate your team on safe browsing practices and the risks associated with downloading files or software from untrusted sources.
Trick 3: Ransomware Hauntings
Ransomware is the modern-day haunting, hiding in the dark corners of your infrastructure waiting for the right moment to jump out and scare your data into hiding behind the couch of encryption! Then waiting for payment before coming back out again!
Treat: Maintain regular backups of critical data to mitigate the damage of a ransomware attack. Keep your systems updated with the latest security patches and employ network segmentation to contain and isolate any ransomware outbreaks.
Trick 4: Social Engineering Spells
Through cunning social engineering, hackers weave a spell to manipulate individuals into revealing confidential information or performing actions that compromise security.
Treat: Foster a culture of security awareness within your organisation. Run regular training sessions to help your team recognise and resist social engineering attempts, focusing on skepticism and verification as key defensive measures.
Trick 5: Unsecured Wi-Fi Witches
Unsecured Wi-Fi networks serve as witches’ cauldrons, brewing trouble for any who dare to connect.
Treat: Secure your Wi-Fi networks with robust encryption, change default credentials to remove unauthorised access, and consider employing a virtual private network (VPN) to provide an added layer of protection.
Conclusion
This Halloween, don’t overlook the importance of fortifying your digital realm against the myriad tricks hackers may deploy. By embracing the right cybersecurity treats, you can ensure a safe, spectre-free environment for your organisation, keeping the digital demons at bay.
If you’d like some more information on how Gardner Systems can help your business stay protected, then head over to Gardnersystems.com, contact us at sales@gardnersystems.com or 0151 220 5552.
Incredibly, it is already September, and Britain’s long hot summer is starting to head off towards the sunset! But the warm glow of CTO Insights remains. So, settle in for some of the things that have caught my attention over the last few weeks.
How do you engage with your organisation?
One thing that people in IT don’t consider often enough, in my opinion, is the importance of engaging with an organisation: asking questions to help better understand what the organisation needs from its IT team in order to function better and be more successful. Too often we find ourselves delivering IT solutions that were not asked for, and we are then surprised when we get “push-back” to their adoption. It is important to remember that IT is there to empower and enable an organisation, rather than to launch “cool” IT solutions upon it.
Recently I had a fantastic chat with an IT Director of a large manufacturing company who provided me some great insight into this very challenge and his approach to overcoming it. His approach was interesting and not something I’ve come across before. To ensure they properly asked the business what it was they needed for IT they employed an Engagement Manager. The role was specifically to have open discussions across the entire business and understand what is needed to deliver new capabilities, efficiencies and services. Interestingly the role also focussed on asking whether they had any applications they’d found that would help them more effectively do their jobs. That’s a refreshing approach: asking people who are experts in their roles about tools they may find useful is a smart idea and not one that we naturally adopt in IT, but one we certainly should.
It got me thinking about what tips others have for effectively engaging with their organisation. So, if you’ve got some tips, I’d love to hear them so send them over to me or pop them in the comments.
Is MDR (Managed Detection and Response) now the only answer?
A couple of recent articles caught my attention and have me wondering whether the answer to many organisations’ cybersecurity needs is external support. I do say that as CTO of a company that can offer such services, but bear with me!
Recently I saw this article over at Cybermagazine.com which discussed a state of cybersecurity report from security automation company Swimlane. The article quoted Swimlane’s findings that 33% of companies surveyed felt they would NEVER have a fully staffed cybersecurity team. This was also paired with UK research that suggested that 51% of companies have a basic cyber skills gap.
If what we are saying is that we have an ever-evolving cybersecurity threat, paired with organisations who lack the resources they need, this is only likely to have one outcome. What then is the answer?
The answer may be within another announcement that caught my attention, and that was Microsoft’s announcement of its own MDR service, providing managed SOC (Security Operations Centre) capabilities to augment its security platforms. The use of managed services continues to grow and Microsoft are the latest leading vendor adding human beings to their technology to support customers.
As the cybersecurity threat landscape becomes more complex and resources scarcer, maybe it is time to consider MDR. To provide a little more on the topic, I recently published the article “As Microsoft joins the party, is it time to try MDR?” over at GigaOm. Have a read and see what you think.
Network as a service – future of enterprise networking
The world of the CTO is not all about cybersecurity of course. There are a range of other things IT leaders need to consider as they look to modernise and transform the way IT and technology is used within an organisation to allow them to remain competitive in their market.
One such topic is covered in this article from a colleague of mine over at GigaOm, Andrew Green. Andrew recently posted an interesting article looking at Networking-as-a-service and how this can be used to drive enterprise network innovation. It is not an area that I’ve ever considered and I’m not sure networking innovation is high on people’s list. But Andrew makes a great case for why perhaps it should be. Have a read here.
Come and join us at our IT Leaders Forum
For those of you in and around Liverpool on September 20th we are running one of our regular IT Leaders Forums. These events bring together local IT leaders with their peers and global IT vendors to share ideas and provide feedback on business challenges and vendor strategy. These are usually lively and interesting affairs, and you are welcome to join us.
Our next event brings to Liverpool Sophos, where we are going to be joined by Jon Hope, Senior Technologist and Peter Mackenzie, Director of Incident Response. They will be sharing insights into the current threat landscape and Peter will be sharing practical advice on how to respond to an incident and build incident response plans. This is a great opportunity to raise your cybersecurity concerns, share your experience or just chat with true subject matter experts.
If you are in town and want to join us, then find out more details here Events – Gardner Systems
That’s all from this edition of CTO Insights. If you have ideas or would like to have a chat, then contact me at cto@gardnersystems.co.uk, find me on LinkedIn or Twitter and Threads @techstringy or book a chat via my meeting link.
August has rolled around and while nobody had told the British weather that it’s summer, let’s see if we can provide some CTO summer vibes for you to enjoy.
IT Sustainability
The idea of sustainability continues to be a prime conversation topic whether it’s politicians, media, the public or the boardroom and the desk of the CTO. What does sustainability mean for businesses? In reality, it is much too broad a topic for a simple answer. But as IT pros we need to understand it and that starts with breaking it down into identifiable and measurable chunks.
One such area is the impact of poorly managed and controlled data storage on sustainability. It’s an intriguing idea and one covered in this piece that an industry friend of mine Matt Watts, from NetApp, wrote for Tech Radar, Technology sector’s hidden issue: a landfill of data | TechRadar. It’s a good read and highlights an area in which we can make a difference.
Microsoft flexing their cybersecurity muscles
For those of you who keep an eye on Microsoft, it won’t have slipped your attention that they continue to rapidly develop their security portfolio. This has included a recent raft of announcements around their three security brands Defender, Purview and Entra. As I mentioned in the previous newsletter, Entra is Microsoft’s identity and access portfolio and this includes the rebranding of Azure Active Directory to Entra ID. But it is much more than that. To help people pick through these latest Entra announcements I’ve written this blog for my friends over at GigaOM and thought you may find it useful too: Microsoft takes Entra to the edge – GigaOm.
Microsoft’s announcement did not stop there. Another one that caught my attention was their move into the Managed Detection and Response (MDR) space. MDR is something that is gathering a lot of momentum in many organisations I speak with, as they try to augment their overburdened security teams. MDR is potentially an ideal solution, and it’s no surprise to see Microsoft launch their own MDR service to complement its Defender platform. To find out more, here’s a Microsoft launch blog: Microsoft Defender Experts for XDR | Microsoft Security. For the next newsletter I’m currently working on a more detailed blog looking at the MDR space in general, so stay tuned.
Security Incidents
Cybersecurity incidents are not going away and to highlight this, a couple of recent Cyber Security incidents caught my attention. First up was the incident that impacted Capita, as reported here by Techerati. What this article provides is an insight into the real-world costs of a ransomware incident. The breach at Capita is reported to come with a likely price tag in the region of £15m-£20m. This is before any potential regulatory punishment. The costs of a cyber incident are real and should be included when assessing risk to our organisations.
The UK elections watchdog has also revealed that it has been the victim of a complex attack, as reported here by the BBC. Data was accessed which included names and addresses and it mentioned that control systems were also accessed. This is a good example of the statement “assume breach”. It’s a good approach to take when considering security; we just cannot assume that everything on the inside of our network is okay and should have carte blanche access. We must secure all of our systems and continually monitor access to ensure that any unauthorised access does not get to access our most sensitive information.
CTO tips
Finally, this came from a suggestion from one of my industry friends and newsletter readers, Phoebe Goh, from NetApp, who asked for some good tips for CTOs and senior execs. As someone new to the CTO role myself and doing this at a company that hadn’t previously had a CTO, I thought what a good idea because gaining tips from experienced CTOs has been invaluable to me. So I’ve put together three things that I took from conversations with other CTOs in terms of the role and what a good CTO should strive to do. Particular thanks to Howard Holton for these.
What is the CTO’s role?
There will be more things here, but at a high level, the following makes sense to me.
Define the tech stack – what should your technology stack look like to meet business/customer needs?
Where do we invest? – What technologies should we be investing in to make sure we maintain our edge over our competition?
What are the emerging technologies we should be looking at? – What’s next for our business, what are the technologies that are around the corner that we should, at the very least, understand?
What should a CTO strive to do?
Not only, what is the role, but for someone trying to do a good job as a CTO what should we strive to do? (I’m very much still working on this!)
Be available – be a person that colleagues and customers can talk to about technology – it’s important to be able to do this at all levels, not just talk “techie” but speak in a language that makes sense to those asking.
Formulate ideas around Technology quickly – While this doesn’t mean you should be an expert in all areas, it does mean being aware of technology and being able to have an idea of how that technology can impact your business – being able to articulate what it is and where we could use it in our business.
And where you don’t have an idea about a technology – then be able to understand the impact that technology can have and what that may mean for your organisation.
Be visible.
It was the idea of being visible that led to this newsletter. A newsletter can be a great way of sharing ideas and inviting conversations with your organisation, partners and customers. And hopefully, that’s what we can do here with CTO insights.
If you’re new to the role or looking at ways to develop then hopefully some of these ideas will help. Of course, I’m pretty sure, others will have their own thoughts and I’d love to hear them, so we can share them more broadly.
That’s all from this edition of CTO Insights. If you have ideas or would like to have a chat then contact me at cto@gardnersystems.co.uk, find me on LinkedIn or Twitter and Threads @techstringy or book a chat via my meeting link.
The Northwest Tech Leaders Forum brings together a select group of industry experts and visionaries and provides a unique opportunity to delve into the key technology topics with global tech companies. The goal is to foster pragmatic discussions and offer valuable feedback, shaping the direction of the industry. With a history of successful technology leadership events, Gardner’s aims to regularly host these forums.
In this year’s first forum, our leaders were joined by Lenovo to discuss pressing IT issues, to share their strategy for addressing them and hear from our forum guests about the issues they are facing and whether Lenovo’s strategy can help.
Session Highlights
Sustainability: Nurturing a Greener Future
The session began with a focus on sustainability, where the prominence of Lenovo, a tech leader in this domain, became evident. Lenovo’s relentless innovation was evident in their commitment to using 75% recycled leather, recycled aluminum, and their journey towards net-zero emissions. Their dedication to sustainability extended to their global supply chain, making it easier for procurement to gauge their energy consumption. Notably, Lenovo had transitioned to plastic-free bamboo packaging that was easier to recycle, and they emphasized bulk packaging to minimize waste. Furthermore, they offered asset recovery services, facilitating the responsible disposal and recycling of equipment like printers and servers. They also provided a CO2 offset service, allowing customers to pay a levy for offsetting their carbon emissions. It also enabled customers to obtain a certificate from their website to highlight their commitment to sustainability.
During the discussion, the significance of baseline sustainability and the positive impact of Lenovo’s CO2 offset initiative were highlighted. One of our leaders agreed, saying “that while sustainability might increase costs, Lenovo had re-invested these costs to develop industry leadership” and “as more modern machines became recycled, the industry would benefit.” The group agreed that no one wanted the technology sector to become the “Volkswagen” of sustainability, acknowledging that ESG credentials were becoming increasingly important and that it had to be a real and measurable benefit. Interestingly, one of our attendees pointed out how they were seeing new hires inquiring about sustainability, and how providing a sustainability certificate in their welcome pack offered a competitive edge in attracting top talent. Furthermore, it was noted that sustainability now factored into procurement decisions, emphasizing a cultural shift towards carbon neutrality by 2030 or 2035.
Device as a Service (DaaS): Unleashing Flexibility and Sustainability
The discussion transitioned to Device as a Service (DaaS), a concept that offered hardware, software, and services for a predictable periodic fee, reducing Total Cost of Ownership (TCO) by up to 20%. The global DaaS market was projected to grow from £50 billion to £202 billion within the next five years.
Feedback on DaaS was mixed, with some expressing uncertainty due to their existing capex-based purchasing approach. One speaker highlighted the challenge of dealing with device disposal at the end of their lifecycle. However, another suggested that offloading this responsibility to HR could be beneficial, allowing the IT team to focus on strategic initiatives rather than day-to-day operations. One speaker shared that his organisation had already implemented DaaS successfully, with devices financed over a longer period and ordering devices in advance without immediate payment being hugely beneficial. This then posed a question about the specifics of the DaaS financial model. While DaaS is a leasing model, it is important to understand its additional benefits such as scalability and the ability to return unused devices, providing a more flexible model than existing leases.
Modern Workplace: Empowering Collaboration and Efficiency
The concept of the Modern Workplace, highlighting the license-based model of Microsoft’s Azure, Dynamics 365, and Mobility solutions, was also explored. Lenovo’s Cloud Market Place, offering self-service capabilities, was also discussed. The group acknowledged the benefits of the Modern Workplace, including cost savings and the convenience of three-year licenses.
Concluding Remarks
The session was fascinating, and the attendees appreciated Lenovo’s involvement and honesty in sharing their initiatives and strategic ideas.
Key Takeaways
1. Sustainability: A Shift in Priorities
Sustainability is now a key focus area, driven by internal governance, compliance requirements, supply chain considerations, and employee expectations. The days of choosing suppliers solely based on price competitiveness are waning, and organisations are realising that embracing sustainability can lead to a competitive advantage, attract talent, and secure funding.
2. Device as a Service: Redefining Technology Procurement
DaaS offers a more flexible and sustainable approach to technology procurement, reducing TCO while allowing for scalability. This model addresses the challenge of responsibly disposing of devices at the end of their lifecycle.
3. Local Community Engagement: Repurposing Devices for Digital Inclusion
Collaboration between tech companies and local communities can be extremely valuable, particularly in repurposing devices to enhance digital inclusion initiatives. Partnerships with large organisations and the creation of national device banks can foster digital empowerment and enable access to technology for underprivileged communities.
4. Modern Workplace: Streamlining Operations with Licensing Models
The Modern Workplace, powered by license-based models such as Microsoft Azure, Dynamics 365, and Mobility, offers organisations the opportunity to streamline operations and leverage self-service capabilities.
The Northwest Tech Leaders Forum aims to be a catalyst for thought-provoking discussions, setting the stage for continued progress in sustainability, technology procurement, community engagement, and workplace efficiency. By embracing these key takeaways, organisations can position themselves as leaders in their respective fields and contribute to a brighter and more sustainable future.
Welcome to our first CTO Insights newsletter. The aim is to provide you with some insights into what I’m seeing from our customers, vendors and the general IT trends in the key technology areas that are challenging us all as CTOs in our businesses.
In this first newsletter, I thought I’d go obvious with a couple of interesting articles and information across two of the hottest technology topics: cybersecurity and generative AI (and I promise ChatGPT is not writing this newsletter).
Generative AI
The incredible popularity of ChatGPT (until the recent release of Threads, the quickest consumer technology to reach 100 million users, taking just two months, seven months quicker than TikTok; incredibly, Threads did this in just six days!) has taken the AI conversation from academic to one right into the heart of day-to-day use and of course day-to-day business.
I recently recorded a Tech Takeaways podcast with our COO, Jason Fitzgerald, on this very topic as we discussed the ins and outs of the technology, what it means and, importantly, what the risks and potential rewards are. Feel free to watch or listen here.
What does all this mean for us as a CTO and our business?
When preparing for the podcast, I found a couple of useful resources that I wanted to share that provide a good overview of the rapidly evolving world of GenAI.
Firstly, there is this article from McKinsey: What every CEO should know about generative AI | McKinsey. The article discusses what we mean by Gen AI specifically, some of the use cases you will see across an organisation and some of the responsibilities we have before introducing such tech to our business; this is particularly useful for a CTO.
For those who’d rather listen than read, I also found this podcast from an old friend of mine, Yadin Porter de Leon, who is at VMware, where he talks with Paul Roetzer, CEO of Marketing AI Institute, again about the possibilities and potential risk, including an interesting discussion on the impact on people. Find it here: Generative AI: What CIOs Need to Know – with Paul Roetzer, CEO of Marketing AI Institute – CIO Exchange (vmware.com). They should provide you with a good overview of the space and what to consider.
Gen AI is not going to go away; this is going to become an integral part of day-to-day business and life. As CTOs, it’s important to develop a position on the topic for our organisations. That doesn’t necessarily mean being an expert, but it is important to understand how we can use this to drive our business better and what we should be wary of.
Cyber Security
Always at the top of the priority list is cybersecurity. It’s of course a problem that continues to evolve, with threats and attack approaches continually changing (see above!). Tackling cybersecurity requires us to continually evolve our understanding of the problem and our approach to tackling it.
With that in mind, I recently presented alongside Sophos at an event in Liverpool where we were outlining the latest trends. I was joined by Sophos Technologist Jon Hope who also shared the latest Sophos Ransomware report (you can get a copy of that here – 2023 Ransomware Report: Sophos State of Ransomware).
I also put together a blog post sharing some thoughts from the event; you’ll find it here.
While we are talking about events, I also attended Infosec Europe in London at the end of June. These are always interesting events and chances to hear from subject experts and, by chatting with vendors, to gain an understanding of strategic direction and trends in the cybersecurity space.
It’s a big event and even across the two days I was there it was impossible to visit everyone, but I was lucky enough to get personal briefings from 8 different vendors as well. If you went to Infosec I’d like to hear your thoughts on what you saw, but if not – here’s a blog post I wrote with some of my key takeaways.
Cybersecurity is a multi-layered complex problem and needs us to consider security implications from core to edge. It’s about people, process and technology and balancing those three elements to ensure our security posture is strong and meets the needs of our organization. There’s no surprise that it’s likely to be a regular feature of future newsletters.
And Finally
Two bits of Microsoft news. Firstly, it recently made a number of announcements regarding its Entra platform. Entra is the name for Microsoft’s Identity security and access control tools. I’ll share more about this in the next newsletter, as there are some interesting things in there. One thing I did want to share was the rebranding of Azure Active Directory to Entra ID. It does make sense in terms of the bigger picture of what they are doing, but I thought it was worth giving a heads up, so if you see the name Entra ID and wonder what it is, then now you know. (BTW this does not impact Active Directory, just its Azure equivalent).
Secondly, there is the impending end of support for Windows 2012 R2. October 10th is the end date, and then it will no longer receive updates, including security and bug fixes, or technical support. So, if you are still running Windows 2012 R2 in your environment, now’s the time to change. More details here from Microsoft.
For now, thanks for taking the time to read this. If there is anything you’d like me to cover, you can drop me a note at cto@gardnersystems.co.uk, or find me on LinkedIn or Twitter and Threads @techstringy.
Welcome to our new CTO Newsletter, straight from the desk of our CTO, Paul Stringfellow, to yours. We aim to bring you concise summaries, expert opinions, and thought-provoking articles covering emerging technologies, industry trends, and best practices. And to provide you with a go-to source for the latest updates in enterprise IT.
Why a newsletter and why now?
Gardner Systems has been going through some rapid changes this year and one of those has been the evolution of roles for some of our team. This has included Paul’s move to CTO. Paul is well placed amongst the Gardner team with his experience and a broad range of industry contacts to help Gardner stay on the leading edge of technology and to help our customers understand how technology can help them in these challenging business times.
One of the things he has been keen to do is start to develop our CTO and IT leader community. This newsletter is part of that move, finding a way to efficiently keep our customers informed of technology trends, innovations, and best practices, as well as ways to engage and keep in touch.
What will it include?
As a CTO, your role demands staying on top of the latest technological advancements that can drive digital transformation, enhance operational efficiency, and enable business growth. Whether it’s cloud computing, artificial intelligence, cybersecurity, data analytics, or any other crucial aspect of enterprise technology we want to provide you with insights and analysis that can help you make informed decisions, identify opportunities, and overcome challenges.
An Intro to our CTO
Many of you would have met Paul during his time at Gardner’s. But for those that haven’t, here’s a little about our new CTO. Paul studied Computing at Liverpool John Moores University. He got his first IT role at a pharmaceutical company in Liverpool, where he first met the Gardner Systems Team. He joined Gardner’s not long after and has worked across the business, from technical support to systems architect and today as CTO.
Paul has been one of the public faces of Gardner for some time, presenting at many of our events as well as at local and national business community and vendor events. In recent years, Paul’s experience also attracted U.S. IT analyst firm GigaOm with whom he now consults and carries out research, mainly focused on people-centric and data-centric security. These offer further insights and relationships that Paul can use to bring more value to Gardner customers.
These are exciting times at Gardner and Paul and the team are looking forward to continuing to offer great service to our customers, but also to be a local trusted source of advice and help for anyone who needs it. We hope you’ll find our newsletter a useful and valuable resource to help you in your role as a local IT leader. Alongside our newsletter, Gardner offers a range of other resources that can help you, including events and the Tech Takeaways podcast.
Also, if you’d like to meet with Paul to understand more about his role and what is happening at Gardner’s, book a call with him here.
Unlocking the Secrets of Cybersecurity: Insights from our Cybersecurity Preparedness Event
Recently, alongside our colleagues at Pro Liverpool and Sophos we brought together two industry experts to share their cybersecurity insights and help our attendees unlock some of the secrets of effective cybersecurity. Gardner CTO Paul Stringfellow and Sophos’s Jon Hope shared their knowledge on the changing landscape, the latest data from Sophos’s annual State of Ransomware report and what you can do to prepare your business.
The changing landscape
Cybersecurity threats continue to evolve.
The way we work
Our workforce is more mobile, no longer just confined to the relative safety of our business IT infrastructure. It is mobile and wants to work from anywhere, with continuous access. These changes alone have altered the way we operate and introduced new opportunities for cybercriminals.
Change in infrastructure
To meet the needs of the changing workforce, organizations have changed infrastructure. No longer is it just in the data centre. Now it incorporates SaaS solutions, the public cloud, co-location facilities and services delivered by third parties, bringing more complex environments to manage and secure.
Attack Surface has Grown
This changing environment and supporting infrastructure present new attack surfaces. Cybercriminals no longer need to try to target well-secured enterprise data centres. Instead, they are looking for insecure devices, user credentials and poorly protected third-party services as much easier ways of breaching security for malicious purposes.
New Technology
Technology does not stand still; organizations are embracing operational tech such as IoT and increasingly generative AI like ChatGPT. All of which has changed and broadened the places a cyber attacker can target.
The changing attacker
It is not only us that have changed; cyber-attackers have also changed with us. Attackers are professional criminal organisations who operate like any large money-making business. They sell their services to any bidder, lowering the barrier to entry to build a cyber-attack. Just like any growing business, they are also exploiting technology to be more efficient and effective, using long-term reconnaissance to feed their own analytics engines to better understand how to craft attacks against targets.
The Target
People: They target our people to steal credentials, because that is a much easier way to gain access to an organisation’s systems than “hacking” their way in.
Data: In most cases our data is the target. This may be to make it inaccessible (ransomware), to steal it (so it can be sold) or to do both.
Money: The goal is often financial, with attackers looking for ways to extort or “con” money from victims.
The research
The trends that were discussed are not hypothetical, as we saw from Sophos’s research in their State of Ransomware report (you can request a copy from here).
We can see that ransomware remains a huge issue, with all key numbers continuing to rise, including the average incident recovery cost, now at $1.82m.
Am I a Target?
In terms of targets, criminals were indiscriminate in their attacks, with company size having little impact on whether organizations are hit or not. Education did stand out with an increased level of targeting, mainly in recognition of the amount of “interesting data” that education holds and the reality that its cybersecurity funding and protection may be less effective than the commercial sector’s.
While organization size and industry made little difference, turnover did play a part in the likelihood of an attack. Companies with the highest turnovers (+$5bn) were more likely to be hit than those with lower turnovers, with 72% of companies that size having had a ransomware attack. This did not mean those with lower turnovers had no chance of being attacked; in fact, over half (58%) of those with turnover of less than $10m had seen at least one attack.
Time to recover
Another interesting stat from Sophos’s research was how long it took to recover from an attack and whether recovering from backup or paying a ransom had much impact. For those who recovered in the first month after an attack, there was little difference in the method used. However, where companies took longer than this to recover, it was more likely they were having to recover through paying the ransom.
It should also be noted, however, that while backup versus ransom didn’t make a huge difference in time, it did make a difference in quality. Those paying ransoms were not guaranteed to recover all data and were more likely to suffer further attacks.
Another concerning stat was that recovering from an attack did not mean the end of the incident. Sophos reported that 30% of attacks in 2022 were “double jeopardy” attacks, where not only was data encrypted, it was also stolen. The logic here was that even if an organisation didn’t pay to decrypt data, that data could be either sold or ransomed again with the threat of leaking that data if ransoms were not paid.
What to do
Knowing the size of the problem is helpful, but what steps can we take to reduce the cybersecurity threat?
People, process, technology
There is no one magic button that fixes all cybersecurity issues. Rather, dealing with the challenge effectively requires focus on three key areas.
Process
Having good processes around areas from acceptable use policies to cyber incident response will make a significant difference. For companies who have not worked through Cyber Essentials, this is a great starting point to help build some basic processes to improve security posture.
People
Not only are our people a risk, but if we educate them and give them the right security-focussed environment, they can become our most powerful defence. Educating users about threats and creating a supportive security environment and a security culture will help engage your people and significantly improve your cybersecurity defence.
Technology
This is probably the least important part of an effective cybersecurity posture because if the people and processes are wrong, technology can only do so much. The right tools do play a part and will help identify risks and potentially stop threats before they cause too much damage. When choosing security technology, organisations should consider:
Tools that offer broad security coverage.
Tools that use intelligence and analytics to provide proactive protection and rapid response.
Managed services, if you don’t have internal security skills.
Be Prepared
The cybersecurity threat is evolving as rapidly as ever, and threats are constant and complex. But as Paul and Jon shared, you can take steps to better prepare your business to deal with it and reduce the risk and impact of any potential cybersecurity attack.