Cyber Security Advice is a broad term which refers to the Systems a Business may have in place to Protect themselves from an IT Security Breach and reduce the risk of being affected by Cyber Crime
These Systems are likely to be a mixture of both IT Hardware, IT Software, Firewalls, Anti-Virus Software, internal IT Policies and Internal Business Polices and of course, importantly, Staff Training and Education
"It is important to remember that Cyber Security is not a static subject
As IT Technology evolves, so does the Hackers methods and tactics
Evolve with it or become a victim of Cyber Crime!"
Paul Marsh - Century IT Services
There is a general misconception that Cyber Security Advice is all about IT, but this is incorrect
Cyber Security has many different aspects to consider, including IT
Ignoring these other aspects of Cyber Security will simply mean you have Business vulnerabilities which can be exploited, for example Social Engineering
You could have one of the best IT Systems in the world, although if you have poorly educated users, or ones who take risks with IT, or ones that often circumvent IT Security measures. Then you have a employee problem and a employee training issue
Often the people that use IT and Computers are not skilled IT technicians, nor do they want to be. They are likely employeed because they are good at their particular profession
Its important to remember this when considering the subject of Cyber Security Advice
General Business advice would be to visit this Cyber Crime subject within your business on a regular basis to see if your business is doing enough to protect itself from Cyber Crime
This document discusses the broad subject of Cyber Crime Advice, looking at aspects of Protection you might not have necessarily considered
There are so many different Government Organisations offering Cyber Security Advice, this document will try to bring them all together into one useful site resource
And of course, offer some Free Advice on the subject from an IT Expert
In a hurry and need urgent help?
Click here to take you to the Business Recovery Help Sheet!
Cyber Security Advice Southampton | Cyber Security Advice Hampshire
Cyber Security | IT Security
The IT Security subject is a broad one and there will be some cross over from one subject area to another.
A good IT Security structure will ensure there are over lapping areas of IT Security. For example functionaility of the Anti-Virus software installed on computers overlaps the functionality of the Firewall
Here is a good place to start if you are serious about improving your own internal IT Security
Cyber Security | IT Systems
Different Business styles and types will likely need to vary the IT Systems, Software and Hardware they utilise within ther respective businesses. And therefore will need to vary the Cyber Security Advice
Although below are the bare necessities to consider for your IT Systems
Cyber Security Advice Southampton | Cyber Security Advice Hampshire
- Password Polices, do you have polices set to enforce password changes and complexity?
- Have you set policies on screen savers to blank computer screens and lock screens if they are left unattended?
- Do you have any intruder detection policies set?
- Do you have laid down password policies on how often passwords should be changed and if they should be complex?
- Do all of your staff have local administrator rights on their computers, do they need local admin rights to do their job?
- Do you have a reputable and capable anti-virus, anti-malware and ransomware protection system?
- Does anyone check your antivirus is up to date and in an effective state?
- Do you have a suitable Firewall separating your internal IT Systems from the internet?
- Do you have a dual filtered incoming Email Spam Detection System?
- Implement proper IT Network Firewall
- Regularly review Open Firewall Ports and assess if they are necessary
- Install and maintain a good IT Anti-Virus Software System
- Ensure your Anti-Virus software includes Ransomware Protection
- Review your Data Backup System and Data Retention Period, start with a 90 day minimum Retention
- Automate the Patching of Microsoft Windows Operating Systems and other Microsoft Applications
- Automate Patching of other 3rd Party Applications
- Segment Data and Control which users have access to all the Data
- Implement Controls to Allow / Block which applications can be installed or used on each computer
- Implement Controls to recognise DL (Data Leakage) and alert the User and Administator
Cyber Security | Internet Access
As with the subject of IT Security, again a lot of these topics have over subject lapping areas.
A good IT Security structure will ensure there are over lapping areas of IT Security. For example functionaility of the Anti-Virus software installed on computers overlaps the functionality of the Firewall
How are your IT Systems are connected to the Internet?
Cyber Security | IT Policies
IT and Business Policies will help set out how Business and IT Systems will be used, what they can be used for and what is acceptable and non accecptable usage.
These Policies, if followed by everyone, can help reduce the risk of a Cyber Security incident.
And if a Cyber Security incident occurs, these written Policies can lay out an Action List to follow in an emergency
- Implement Website Controls to block non business-related websites, known black holes, sites reported involving criminal activity, proxy websites and un-categorised websites
- What measures are implemented to protect both incoming Internet Traffic and Outbound Internet Traffic. Is your firewall capable of scanning incoming and outgoing traffic?
- Where is your email physically stored? in the cloud? on premise? Or a hybrid of both?
- Ensure your incoming Email has a Dual Filtered Spam Detection System. This means 2 different suppliers filtering your emails
- Segement your Data and only allow staff access to the data and systems they need to do their job. This will stop staff inadvertently infecting data with viruses on systems they don't use, don't need and dont have access to
- If you business offers a Guest or Public Wi-Fi System, separate this service from the main back office computer network
- Where possible, segement your internal IT Network if you have IT Systems which are internet facing or have public access. Virtual LANs (VLANS) are perfect for this
- Do you have a written down Company IT Policy for Employees that describes and states what the Business IT Systems, computers, laptops, Internet and Email can be used for? And what is acceptable use and what is not acceptable use
- Which staff have Remote Access or Work at Home access to your Computer Systems?
- How does your company handle the Storage of Data? Does everyone have access to everything or have you segmented your data giving your staff access only to the data they need to do their job?
- Are your staff educated and encouraged to report any mistakes, i.e. clicking on a Spam Email or Suspicious Document?
- Do you assess how you can reduce human error? For example, emailing the wrong customer with someone else’s information?
- Do you have a Data Leakage policy
- Do you have a 'Clear Desk Policy' which can stop sensitive information being left on Office Desks
- Policies and Procedures - do you have a written down policy on how staff manage customers data and does your staff follow that written down policy?
Need Help Urgently?
If you are suffering from a Cyber Security incident, give us a call and speak to a Experienced IT Professional who deals with this kind of Cyber Security problem regularly!
Cyber Security Advice Southampton | Cyber Security Advice Hampshire
Prompt Action is a necessity in these situations
Cyber Security Advice | Business Culture
All business should nurture a culture where employees are not afraid to report strange IT related error messages or own up to making a error of judgement. i.e.
Opening an email from an unknown sender
Opening that strange attachment
Clicking on that dodgy looking website link
Installing unsanctioned software
Installing Cracked or Rooted Software on their Mobile Phones
Disabling the Antivirus Software
Failing to Reboot their Computer when Prompted
SPAM emails are designed to fool employees into making that bad judgement call and clicking on that link or opening that document attachment
Often these sorts of attacks exploit some already published IT Security flaw, but can often be trying to alter your computer configuration or install that Malware, Back Door Trojan or some other nasty
The quality of SPAM emails are becoming more and more convincing and the phishing more and more sophisticated
Proper Firewall controls should be implemented to reduce the risk of a Cyber Security issue by Denying Access to Non Business related websites, thereby reducing the risk
IT and Security issues should be reported to your IT Team or external IT Support Company so further investigations can be made
Cyber Security Related Questions for you to try to answer
- Is your incoming and outgoing email journaled, could you look back a minimum 12 months on any external email correspondance?
- What if an employee leaves, is all of their Email history lost when you delete their email account?
- Are all of your Servers Operating Systems patched on a regular basis?
- Are all of your Servers Applications patched on a regular basis?
- Are all of your Computers and Laptops Operating Systems patched on a regular basis?
- Are all of your Computers and Laptops Applications patched on a regular basis
- Are your Computers and Laptops Hard Drives encrypted?
- What if a Laptop was left on a train or in a taxi, is the Data contained on it stored in a Secure State and Encrypted?
- Do you have a policy to remove and unistall un-needed or unecessary or unused applications
- Do you have a Policy for Employees who use their own IT, e.g mobile phones, tablets (BYOD)
- Where IT Systems support it, have you turned on 2 Factor Authentication
- Can you Restore Data back from a minimum of 3 months ago?
- Are your Data Backups Granular and Stored Offsite and Securely?
- Is your Anti-Virus Software and Ransomware Protection Software operational and up to date?
- Are your software Applications and Programs purchased from a reputable source or were they from the cheapest place you could find on the internet?
- Do you have a policy where you allow staff to install any applications they want or have a list of santioned business applications?
- Do you have a method of blocking old or out-dated applications from running?
- Do you have method for blocking certain unsanctioned applications
- Do you have an IT Asset List and know what IT Equipment you have?
- Do you have internal IT Usage Policies that Staff have read and agreed to?
- Are your open Firewall Ports reviewed on a regualr basis an the business case for them reviewed regularly?
- Can you guarantee the Safety and Protection of Customers Data within the confines of your Computer Systems?
Cyber Security | Business Recovery Help Sheet
If you think you have been infected with a Virus or have Ransomware. Or have a Cyber Security Breach don’t panic as this is counter productive
Do have an Action List Prepared in the event of an Emergency. A Cyber Security Action list is likely to contain the following
Action List
Turn off affected Computer/s and disconnect computer network cable. Make sure everyone knows not to turn on that computer/s nor plug it in
Contact your IT Support Company immediately and report the incident. Urgency is the key in these situations.
Perform some investigations and Fact finding: -
1) Who Reported the Cyber Security Incident and why? What were the circumstances?
2) Verify the the Cyber Security Incident making notes of any computer messages, computer error messages, changed computer files etc. etc. (use your camera if possible, to take pictures of computer messages)
3) Assess whether there is evidence of a Cyber Security breach or something else
4) If there was a Cyber Security Breach, identify the method of Security Breach and close this Security Vulnerability straight away. For example
- Was it an Infected Website someone clicked on?
- Was it a phishing email someone clicked on?
- Was it a breach of your Computer Network Firewall?
- Was it something else?
- Assess the extent of the damage
5) Which computers is the problem affecting, just one? Or all of them?
6) Is the File Server affected or Compromised?
7) Is it just specific data that is affected or all Data?
Repairing the Damage
Once an assessment has taken place and the extent of damage identified. Can the IT Systems be repaired quickly minimising disruption to the normal business operations?
In the case of a Computer Virus, can the Computer Virus be removed and Computer System cleaned.
Do the computers need to be reinstalled?
In the case of Data, can the affected Data be Restored from a Recent Data Backup? Or a earlier backup? Or a much, much earlier backup?
Stopping a Reoccurance
Once Computer System is repaired, make an assessment on the same thing happening again
1) Do you need to provide staff training?
2) Do you need to improve your IT Systems or IT Security?
3) Do you need to alter your internal Computer Use Policies, or Business Policies?
Cyber Security | When to Report a GDPR Breach
The General Data Protection Regulation builds on existing Data Protection responsibilities and regulations and extends those responsibilities.
Businesses are legally obliged to keep the data they hold secure, and to only use it for agreed purposes.
There are heavy penalties for data security breaches, whether accidental or through misconduct.
For most businesses this means that there are several different angles to look at. You need to consider how your IT Systems are set up, what IT Security is in place, and what your IT Policies are for Data Security and Data Usage.
GDPR and Data Protection
Has there been a GDPR or Data Protection breach?
Was there actually a security breach or a virus / ransomware infecting files?
Information Commissioner's Office | Guidance on Reporting a GDPR Breach
Guidance from the Information Commisioner's Office is below on when to report a GDPR Breach and when not to report a GDPR breach
"GDPR or DPA 2018 personal data breach"
"A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
If you experience a personal data breach you need to consider whether this poses a risk to people. You need to consider the likelihood and severity of the risk to people’s rights and freedoms, following the breach. When you’ve made this assessment, if it’s likely there will be a risk then you must notify the ICO; if it’s unlikely then you don’t have to report. You do not need to report every breach to the ICO"
The ICO offer a 'Self Assessement; to determine whether your business needs to report a GDPR issue
Cyber Security | Reporting CyberCrime
Getting your business up and runnning again as quickly as possible will be your primary concern.
Although, reporting these types of Cyber Crime will help Government properley assess the scale of this type of crime and justify the appropiate funding and resources towards these crimes
Unreported Cyber Crime is undetected Cyber Crime
Paul Marsh - Century IT Services
For many businesses we have helped recover from a Cyber Crime or Ransomware incident, there is obviously a certain degree of of anger that this has happened to their Business
In our experience, most business could do more to better protect themselves and reduce the risk of a Cyber Security event
Although it is important to accept that in the current climate of lawlessness on the Internet, no Company or Organisation is completley immune from a Cyber Security event and completely bullet proof
There are many steps a Business can take to reduce the risk of Cyber Crime happening to them.
And there are also many steps a Business can take to ensure that if they are hit with as Cyber Crime event, disruption is minimised and they can recover quickly with least disruption to the day to day running for their Business
We would recommed, reporting Cyber Crime to ActionFraud National Fraud and Cyber Crime Reporting Centre
https://www.actionfraud.police.uk/reporting-fraud-and-cyber-crime
Need Help Urgently?
If you are suffering from a Cyber Security incident, give us a call and speak to a Experienced IT Professional who deals with this kind of Cyber Security problem regularly!
Cyber Security Advice Southampton | Cyber Security Advice Hampshire
Prompt Action is a necessity in these situations
Useful Links
National Cyber Security Centre https://www.ncsc.gov.uk/section/information-for/small-medium-sized-organisations
National Crime Agency https://nationalcrimeagency.gov.uk/what-we-do/crime-threats/cyber-crime
National Business Crime Centre https://nbcc.police.uk/
Hampshire Police https://www.hampshire.police.uk/advice/advice-and-information/fa/fraud/useful-contacts-for-fraud-cyber-crime-advice/
Wiltshire Police https://www.wiltshire.police.uk/article/885/Cyber-Crime
Dorset Police https://www.dorset.police.uk/help-advice-crime-prevention/scams-fraud-cyber-crime/cyber-crime/
Surrey Police https://www.surrey.police.uk/advice/advice-and-information/fa/fraud/online-fraud/cyber-crime-fraud/
Sussex Police https://www.sussex.police.uk/advice/advice-and-information/fa/fraud/useful-contacts-for-fraud-cyber-crime-advice/
Metropolitan Police https://www.met.police.uk/advice/advice-and-information/fa/fraud/useful-contacts-for-fraud-cyber-crime-advice/
City Of London Police https://www.cityoflondon.police.uk/advice-and-support/cybercrime/Pages/default.aspx
Sophos Security Centre https://home.sophos.com/en-us/security-center.aspx?la=en
EuroPol https://www.europol.europa.eu/report-a-crime/report-cybercrime-online
Action Fraud https://www.actionfraudalert.co.uk
Gov.UK https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2019
Office for National Statistics https://www.ons.gov.uk/search?q=cyber+crime
Information Commissioner's Office https://ico.org.uk/
No More Ransom https://www.nomoreransom.org
Federation of Small Business https://www.fsb.org.uk/
Victim Support https://www.victimsupport.org.uk/crime-info/types-crime/cyber-crime
Age UK https://www.ageuk.org.uk/information-advice/money-legal/scams-fraud/
Crime Stoppers https://crimestoppers-uk.org/keeping-safe/online-safety/cyber-security-and-crimes
Stay Safe Online https://staysafeonline.org/stay-safe-online/identity-theft-fraud-cybercrime/reporting-cybercrime/
Citizens Advice https://www.citizensadvice.org.uk/consumer/scams/reporting-a-scam/
Sophos Threatsarus https://www.sophos.com/en-us/medialibrary/PDFs/marketing%20material/sophosthreatsaurusazen.pdf
Need Help Urgently?
If you are suffering from a Cyber Security incident, give us a call and speak to a Experienced IT Professional who deals with this kind of Cyber Security problem regularly!
Cyber Security Advice Southampton | Cyber Security Advice Hampshire
Prompt Action is a necessity in these situations
