Every business is a potential victim of cybercriminals whose motives range from espionage, fraud, insider theft or sabotage, and even fun. The troves of sensitive business data that can be sold on the dark web or used to negotiate a ransom is all the motivation hackers need to breach your IT environment. Statistics reveal that across all UK businesses there were approximately 2.39 million instances of cybercrime and approximately 49,000 instances of fraud as a result of cybercrime in the last 12 months.

Cybersecurity threats may range from phishing attacks to ransomware and malware attacks. Whatever form it takes, a cyber breach can result in reputational damage and ultimately, a loss of investor’s confidence and financial damage.

Businesses cannot afford to pay lip service to cybersecurity. It is imperative that they stay ahead of cybercriminals by continually measuring the effectiveness of their IT security infrastructure against growing threats that target them, enforcing access policies and maintaining high defences.

What is Cyber Essentials?

For businesses aiming to enhance their cybersecurity measures, a recommended starting point is the Cyber Essentials Certification Scheme. This scheme involves an assessment conducted by a third-party organisation, utilising guidance provided by the UK National Cyber Security Centre (NCSC), which is a government-funded entity dedicated to safeguarding the interests of UK businesses. This comprehensive framework outlines fundamental technical controls designed to fortify organizations against cyberattacks. The certification process offers two distinct levels: Cyber Essentials and Cyber Essentials Plus. The Cyber Essentials level concentrates on five key areas:

  • Firewalls
  • User Access Controls
  • Patch Management
  • Security Configuration
  • Malware Management

In essence, the assessment evaluates whether internal policies governing data handling are established, whether security systems are implemented, and whether all existing systems are covered by third-party support and patching agreements.

Patch Management

Patch management encompasses critical questions around supported operating systems, software licensing, 3rd party software updates, system updates. Of all, patch management can be the most challenging.

How do you manage your software? Are all systems up-to-date or are there critical vulnerabilities to your network? Do you have supported operating systems on the network or does your organisation still use Windows 7 or Windows server 2008? How do you manage your software? If your answers to any of these questions is no, then you need to immediately reassess your security infrastructure.

Firewalls

A network firewall secures computers from malicious software and unauthorised access, creating a barrier between your secured internal networks and untrusted outside networks. An absence of a firewall means that any individual can enter, access data and send to an external source. Consider these questions: Does your business have any ‘holes’ in its firewall such as open ports, or firewall rules that are no longer required, perhaps because a legacy system has been decommissioned? What change process are in place if you are going to open ports on your firewall? Is this process documented/ Who authorises the change? Is admin access strictly restricted to specific IP address?

Malware Management

Malware infects computers and provides remote access for an attacker to investigate the infected user’s network resources and computer, sending fraudulent emails from infected machine to unsuspecting targets, and steal sensitive data.

Malware protection prevents harmful code from accessing sensitive information or causing damage. It also prevents execution of untrusted software and known malware. Consider these questions: Does your software automatically scan web pages when accessed through a web browser to prevent connections to malicious websites? Is there an antivirus software installed on all devices? Are all new files automatically scanned upon access? Do you deploy application sandboxing and whitelisting? Does the anti-virus software update itself with the latest signatures?

User Access Control

User management is an integral aspect of the Cyber Essential Scheme, encompassing the administration of user accounts, particularly those with special access privileges, in order to safeguard against unauthorised access and misuse. Organisations that neglect to establish an efficient user access control policy run the risk of exposing their networks, applications, and computers to potential hackers. It is crucial to address the following key questions:

  • Does your organisation have a policy in place for managing user accounts when employees join or leave?
  • Do you utilise separate accounts for routine tasks, or do you rely on network and system administrator accounts for non-administrative activities?
  • Are user account access privileges regularly reviewed?
  • Have you established an effective policy for configuring user permissions?
  • Can only successfully authenticated user accounts access computers, applications and network?

Neglecting proper user access control not only puts your networks and computers at risk from hackers but also increases the possibility of employees intentionally accessing and misusing data they are not authorised to see.

Security Configuration

Security configuration are a common loophole targeted by hackers to exploit vulnerabilities. Security configuration management identifies these misconfigurations. Secure configurations are measures that are implemented when building network devices and computers to install cyber vulnerabilities

It is essential to evaluate your organisation’s password policy and assess its effectiveness. Consider these questions: Do you deploy multi-factor authentication for your staff as an additional layer of protection? Do you change the default login details on network devices? Are auto-run features that allow file execution without user authorisations disabled? Do you disable unnecessary user accounts on company system?

Get Cyber Essentials Certification

Getting started with cybersecurity can be a daunting especially if you lack technical IT skills. Modalit simplifies this process by providing a comprehensive range of managed IT services, including network support, bespoke maintenance, on-site support, proactive monitoring, email and domain services, backup, virtualisation and disaster support.

You do not need to be an existing Modalit customer to access our services, our consultants can make the Cyber Essentials certification seamless by identifying challenges that can prevent business from becoming certified and providing recommendations and guidance to achieve certification

If you want to learn more about how to develop cyber resilience for your business, contact us for more details.