Home Stakeholders For 20 years Digital Craftsmen has been at the front line against...

For 20 years Digital Craftsmen has been at the front line against cyber-attacks

Founder Simon Wilcox offers his advice to be aware and be prepared.  Today, it is not a matter of ‘if’ you will be a victim of a cyber-attack, but ‘when’ if you haven’t already

There are only two types of organisations: those that have been hacked and those that don’t know they have been hacked, yet

Long before Public Cloud, Broadband, and Ransomware were even thought of, we’ve been keeping our customers safe through all the changes and developments online.

Today, the commoditisation of online threats in our hyper-connected world means everyone is at risk from cyber-attacks. Local and central government are particularly challenging environments where the drive towards online services must be balanced with the need to secure the personal data of its users, during a period of great upheaval and uncertainty. Budgets are tight, with many headcounts frozen. The risk of an embarrassing, and costly, data breach gets higher all the time, as more criminal gangs target smaller organisations.

Unfortunately, the skills required to counter these threats are expensive with a shortage of experienced cyber security professionals making it even harder to bring the requisite cyber security skills inhouse.

Bringing in Third Party Cyber Security Experts

We provide a way to access the skills, experience, and latest technology solutions required to secure modern online organisations in a cost-effective way. This allows you to enhance the capabilities of your existing IT teams without requiring significant capital expenditure or hiring in specialist skills that can be hard to manage.

Security is always job number one for our team, and its been baked into our culture from the very start. We provide an environment for cyber specialists to thrive which means we provide you with cyber security skills quickly and efficiently, for as long as you need them. We’ve also partnered with some of the best cyber security software providers to build an eco-system of technology products that allows us to quickly deploy analyse, detect, and control systems into your existing networks for a rapid return on investment.

If you’re not sure how to plan your next step in cyber security, our advice is to book a vulnerability audit asap to identify where potential vulnerabilities exist in your systems.  

Secure Foundations

The time has long gone to see how far you can get away with your current level of security or think it’s sufficient to protect your border and the job is done.  You need to think criminals are already inside your network.  This means changing how you design and operate your systems, from passive to proactive and the list below is the bare minimum of what you should be doing:

  • Patching promptly and efficiently
  • Designing networks to protect key assets
  • Hardening servers to minimise the attack surface, i.e., reducing the ways and surface area criminals can attack your systems
  • Monitoring all aspects of your networks 24×7

Vulnerability Management

Grow beyond a few devices and managing vulnerabilities becomes a major chore. Our vulnerability management service provides a centralised dashboard identifying the most pressing vulnerabilities that present the highest risks. Our security teams are available to advise on ways to address the issues, and on hand to supplement your own team with resources to update systems to close off these vulnerabilities.

Vulnerability Management is available across Windows, Linux, Mac, & Mobile devices to provide the most comprehensive view of the threat landscape within your organisation.

Intrusion Detection

No matter how well vulnerabilities are managed, the reality is the attackers will nearly always find a way to break through. In a well-managed organisation, monitoring and good backups reduce the time it takes to identify a breach and mitigate some of the effects of ransomware. For many organisations this will be enough – but if you process personal data or transact through the web, then it’s not enough.

You need to be proactive in looking for, detecting, and then stopping a breach as it’s happening. Intrusion detection looks for unusual behaviour, and Indicators of Compromise (IoC), across the estate and report on these when discovered. Intrusion detections includes:

  • Antivirus and malware detection with centralised reporting and management
  • Detection of unauthorised file changes
  • Log file analysis to detect unusual behaviour and other IoC
  • Detection of unusual network traffic
  • Detection of unauthorised configuration changes on servers

A common criminal tactic in larger organisations is to breach the network but then spend several days or weeks mapping out the system, looking for further weak points and high value targets. Intrusion Detection aims to catch them whilst they’re “laying low”.

Security Operations Centre

Highly regulated businesses, or those facing significant operational, or reputational, damage because of a breach need to ensure they are working the hours criminals work, i.e., 24×7. Only very large enterprises have the funding to afford a cyber security team with sufficient capabilities and experience to operate at high level of responsiveness 24×7. Burn out amongst internal teams is a concern because the pressure to stay constantly alert and ready is relentless. This is where our services come into their own supporting smaller organisations by offering a 24×7 Security Operations Centre that builds on our other services to provide complete peace of mind. Whenever criminals strike, our team is ready to respond immediately to close off their attacks. Key features of this service include:

  • Close coordination with client IT & Security teams
  • 24×7 monitoring for Intrusion Detection
  • Development of incident response playbooks to allow swift response to attacks
  • Day-to-day responsibility for managing the Vulnerability Management and Intrusion Detection services

Contact us today to find out about our range of cyber security services. Call on 020 3745 7706 or email publicsector@digitalcraftsmen.com

Cyber Security by Digital Craftsmen Bringing Peace of Mind in an Increasingly Threatening Landscape

Logos

Stakeholder Profiles