Hackers beware, cybersecurity is evolving

Keeping your data safe has never been more crucial, especially with the rise of more sophisticated ransomware from cyber intruders. Fighting back, 5,000 people attended the National Cyber Security Show (NCSS) at the end of April, proving it is still the most hotly anticipated cyber event of the season.

Our cybersecurity consultant Grant Mossman attended the show and here shares his insight into what we can expect in the digital landscape of tomorrow, and how Sure Business can help…

Rise of the machine

It was clear from the atmosphere in the room that the recent emergence of artificial intelligence (AI) generative technology is only gaining momentum, with the biggest pull for attendees being what it can do for your security solutions. Organisations like ours are always looking for how we can best utilise the latest future-focused technology and use it to maximise your security and keep your data safe.

Along with the rapid rise in AI products in their infancy, comes the feeling of uncertainty. Software is now evolving so quickly, it’s an unfortunate fact that ransomware is not only following suit but matching the pace. However, AI systems, although intelligent, can still be deceived, manipulated, and compromised through poisoning and exploitation of traditional software flaws, rendering them ineffective as a sole method of security.

Through the use of generative AI, cyber criminals now have at their fingertips the ability to generate new and complex types of malware, phishing schemes, and other cyber hacks, and these can easily evade conventional protection. It is also worth mentioning the cost of implementing and maintaining a system so changeable as AI can be high, making it difficult for smaller organisations to afford them.

Another key focus on harnessing AI for security is human risk management. I was encouraged to see our Sure Business partner Culture AI in attendance, talking about how their platform - designed to help organisations identify and mitigate cyber risks through the analysis of employee behaviour - is being used to help identifying potential vulnerabilities by other vendors.

24 hours in an attack

Ransomware attacks remain one of the strongest methods used by cyber criminals. I attended a talk on the importance of recognising how the first 24 hours are pivotal to how much data you might lose. The key learning here was that the early implementation of proactive, layered controls can significantly reduce the probability of an attack ever happening in the first place. These layers of in-depth defence systems could take the shape of firewalls, intrusion detection systems, and access controls.

It’s also important to assess the damage caused post attack, by ensuring your business has a solid and effective response plan in place.  Developing and testing your incident plan in advance allows you to quickly respond and recover your data, should you fall foul of an attack.

It was great to see the Southwest Police department attend and talk about their experience with ransomware and targeted attacks– educating us on how to manage threats.

Threat levels – should we be worried?

With geopolitical conflicts and uncertainty around the world, it was no surprise….'that the subject of escalating threat levels for the UK was discussed in depth. Cyber weapons were high on the agenda and concerns were raised over where the next attack could come from.

With the last major cyberattack occurring just six years ago in Ukraine, it was clear this was a valid concern, with a host of lessons to be learnt. 2017 saw the “NotPetya” attack, whereby rogue malware spread with a single unpatched Windows 10 computer causing a catastrophic $10 billion worth of global damage.

Obviously, not all attacks are at this devasting scale, but to avoid any type of attack, especially for large-scale businesses, we’d advise our customers to have a clear understanding of their supply chain, networks and software. We provide the very best service possible, through a combination of education, our expert support, and best suited and most robust solutions.

Cyber safety first

No matter what size your business is, cyber safety affects us all. The West Midlands Cyber Resilience Centre (WMCRC) explored the benefits of being cyber safe, and how to mitigate your financial losses and protect your reputation if an attack strikes, ultimately allowing you to sleep easy.

There’s a multitude of tactics you can use to prevent attacks, such as implementing a strong password policy, ensuring that all users have unique passwords, or using two-factor authentication for all user accounts. You can also restrict access to sensitive data and systems to only those who need it - this automatically cuts down the number of people who can exploit the data. We’d also recommend keeping up to date on your encryptions and using a secure firewall to protect your network from external threats.

This show once again left me with the informed and confident feeling that we at Sure Business are ahead of the trends, and our knowledgeable team are only a click or phone call away.