CYBER SECURITY
CYBER SECURITY
NETWORK INFRASTRUCTURE
TRANSFORMATION
LinearStack this week launched its Cyber Essentials Package designed for small and medium enterprises (SMEs) looking to bolster their cyber security. The package bundles together six services that cover key areas of cyberdefence – risk assessment and roadmapping, 24x7 monitoring, managed detection and response, identity management, dark web monitoring, and security awareness training.
The package is useful for businesses at any stage of their cyber security journey and is a formidable start for those who are yet to implement mature cyberdefence processes. All organisations, regardless of size and sector, need effective cyber security to fight threats like ransomware, supply chain attacks, targeted phishing, and major data breaches to stop serious threats before they become business disrupting events. This is especially true of SMEs, that stand to lose much more from successful breaches than larger organisations that can absorb such blows with lesser damage.
The notion that larger enterprises are at a much higher risk of cyber attacks than SMEs has been proven to be untrue by multiple studies at this point. A recent advisory on ransomware released by CISA (Cyber security and Infrastructure Security Agency), the Australian Cyber Security Centre (ACSC) and the National Cyber Security Centre (NCSC), UK said that in the second half of 2021, threat actors increasingly turned their attention from the “big fish” to mid-size enterprises to avoid scrutiny by the authorities. SMEs have been at the receiving end of many advanced and targeted attacks over the last several years.
According to a survey conducted by the European Union Agency for Cyber security (ENISA) in 2021, the greatest cyber security challenges faced by SMEs are lack of awareness about security threats, the costs of deploying effective cyberdefence solutions and controls, no dedicated cyber security budget, insufficient cyber security guidance dedicated to SMEs, and low management support. More than 80 percent of the SMEs surveyed said that a major cyber security event would have a serious negative impact on their business, with 57 percent saying that they would most likely become bankrupt or go out of business if they faced a serious attack.
The global digital landscape has changed dramatically in the last few years, particularly after the Covid19 pandemic hit in 2020. More SMEs are now relying on online services for faster and scalable operations, and a sizable proportion of the workforce has switched to a hybrid work model with more people working remotely today than ever before. Data sharing across different networks and geographies has become the norm. While this has significant convenience and speed-related benefits, it has also led to a massive expansion of the cyber attack surface globally, opening up new entry points for cybercriminals every day.
The transition to new work models has been relatively quick and smooth for most small and medium businesses, thanks to fast evolving technology and cloud computing, but many of these same organisations are still struggling to secure their critical data online. With the network perimeter blurring, traditional approaches to security and the reliance on legacy firewalls and antivirus solutions are no longer enough for effective cyber security.
Security agencies across the world have repeatedly emphasized the need for multi-layered security for effective protection against advanced cyber attacks. Attackers usually need to go through multiple steps to meet their end-goals, and the current line of thinking is that deploying security controls at multiple points within a network is the best way to stop successful attacks. With a strong defensive net, even if a criminal gets into an organisation's IT environment, their lateral movement and progress towards the organisation's crown jewels will be impeded, preventing successful execution.
The Cyber Essentials Package is designed with a zero-trust, multi-layer security model in mind. The six services, deployed by a team of skilled cyber security practitioners, will together create a strong mesh of security controls for well-rounded defence. The program will cover prevention, detection and response, with LinearStack's team providing 24x7 support to clients for not just threat detection, alert handling and escalation, but the complete response cycle in the event of a breach. This is in addition to continued guidance and recommendations for a stronger security posture.
This includes 24x7 cyber vigilance, with security analysts constantly monitoring the network and endpoints for malicious activity and handling the alerts generated by security tools. Service deployment – including setting up and tuning monitoring tools – takes days rather than weeks and months with almost immediate security benefits once deployment is complete.
MDR is a specialised service focused on deep detection and rapid response. Proactive threat hunting, research, actionable threat intelligence, quick detection and containment within seconds and minutes are some of the core components of the service. It combines industry-leading XDR technology and the expert skillset of a team of analysts and incident response specialists to catch and contain threats before they cause operational or financial damage.
The identity and access management service is one of the cornerstones of zero trust security. It involves setting up strong authentication and authorisation controls to ensure that protected data is accessed only by authorised entities. Attribute-based access controls protect against malicious login attempts, while also making sure that employees can access the information they need to do their jobs without roadblocks.
The package includes ongoing security awareness programs and campaigns created based on existing employee awareness about emerging threats and cyber security best practices. The training materials are interactive, easy-to-access and designed to help create a security-first culture. It also includes tailor-made phishing simulation campaigns to test employees' response to fraudulent emails.
Dark Web Monitoring is designed to search the dark web for leaked or compromised company data that is being misused or sold/shared illegally. If any protected data is found to be compromised, clients are notified immediately and corrective action is initiated – either automatically, or via other established processes.
Quarterly risk assessments help organisations understand their current security posture, attack surface, and gaps in the security program. One of LinearStack's senior security consultants provides recommendations for strengthening security, filling security holes, and moving towards cyber security maturity.
To find out more about the Cyber Essentials Package, add-ons, and benefits, get in touch with LinearStack. Call us at 0800 008 795 or email us at info@linearstack.co.nz and we will get back to you within 24 hours. Read about the service here – Cyber Essentials Package.
.jpg)
.jpg)
.jpg)
.svg)
