Search
Close this search box.

Cyber Security Review 2019

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” menu_anchor=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_mp4=”” video_webm=”” video_ogv=”” video_url=”” video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” overlay_color=”” video_preview_image=”” border_color=”” border_style=”solid” padding_top=”” padding_bottom=”” padding_left=”” padding_right=””][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ background_position=”left top” background_color=”” border_color=”” border_style=”solid” border_position=”all” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” min_height=”” hover_type=”none” link=”” border_sizes_top=”” border_sizes_bottom=”” border_sizes_left=”” border_sizes_right=”” first=”true”][fusion_text columns=”” column_min_width=”” column_spacing=”” rule_style=”default” rule_size=”” rule_color=”” content_alignment_medium=”” content_alignment_small=”” content_alignment=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” sticky_display=”normal,sticky” class=”” id=”” margin_top=”” margin_right=”” margin_bottom=”” margin_left=”” font_size=”” fusion_font_family_text_font=”” fusion_font_variant_text_font=”” line_height=”” letter_spacing=”” text_transform=”none” text_color=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=””]This is our Cyber Security Review 2019 – it has certainly been a pivotal year in cyber security!

Multi-factor authentication has seen an increased uptake, with over 50% of businesses adopting a more layered approach to their cyber security. Cloud computing also surged in use, especially in the UK, as concerns over cloud security have relaxed over time.

In other news, the effects of GDPR on the sector became very clear, very quickly. Data breaches, for example, now carry far larger financial consequences. British Airways was one of the first businesses to feel the sting earlier this year, having been hit by a £183m fine following a data breach.

We sat down and spoke to Neuways Managing Director, Martin Roberts, and Chief Technology Officer, Toby Stephenson, to get their points of view on the key developments in the sector in 2019.

The Democratisation of Cyber Crime

When undertaking our Cyber Security Review of 2019, we’ve observed a ‘democratisation’ of cyber criminality.

What I mean by this is that even somebody with limited IT skills, and very little wherewithal, can go on to the dark web and buy a phishing kit, or crypto-locking tools, for only a few pounds. With these, they have the ability to ransom victims for their important files.As Martin mentioned, phishing is one of the most common ways of stealing this data and it’s a modern-day arms race.

No sooner do email filtering systems (the ‘good guys’) detect and prevent one style of phishing, the phishing actors (the ‘bad guys’) evolve and switch it up to use a new phishing style in an attempt to evade the filtering.

It’s an increasingly popular method of stealing credentials, which can then be used to extort money (through blackmail, ransom, impersonation, etc.) or steal data/intellectual property. The actual harvesting and selling of this account data can also be quite lucrative.

Cyber Security Review – The Year of MFA

Multi-factor authentication (MFA) is the layering of security through two or more methods. In short, your password is one factor of authentication. Other factors might include: an authentication token sent to your email address; a push notification to your mobile device; or even biometric authenticator such as a fingerprint.

Fortunately, we have seen increased adoption rates of MFA over the past year. This can be attributed to the rise in credential-based attacks, such as phishing, but also a wider cyber security awareness.

This development is greatly encouraging. Implementing MFA is a fairly simple procedure that blocks 99.9% of automated cyber attacks, according to Microsoft. The reason for this is simple. Passwords can be guessed, no matter how complex they are.

The reason that we always advocate a “Defence in Depth” methodology to security systems is simple – no single solution is 100% effective 100% of the time, no matter how much it costs to buy/run or how much a supplier advises to the contrary, so you need to layer them to give yourself the best chance against the “bad guys”.

I fully expect the uptake in MFA to continue through 2020 as more and more companies begin to realise how this simple addition to their daily workflow can make a cyber criminal’s life so much more difficult.

The principle behind MFA is that it’s possible to guess a password, but it’s far more difficult to guess a password, gain access to an authentication token from someone’s email address or personal device, and have access to a copy of their fingerprint.

Acceptance of Cloud Computing

Our Cyber Security Review shows us that more businesses are embracing cloud computing, especially in the UK, where it’s estimated that 42% of organisations use the cloud (versus an EU average of 26%).

Part of the reason is that prior concerns about cloud security have relaxed over the years. However, there is also a strong business case for moving to the cloud – or, at the very least, a hybrid cloud approach.

Most cloud software programs bring your data processes together, unifying and consolidating your data into a single place. Microsoft’s offering is just one example of this. With Office 365, your emails, documents, digital media, invoicing software, and business intelligence tools are able to communicate with one another.

Businesses are finding that this level of integration offers significant competitive advantages. Especially when the alternative is siloed data and processes.It’s not that long ago that cloud computing was viewed with suspicion. There were concerns about security, ownership of the data and the cost model. However, it seems that people have become more comfortable with the security aspects and the data ownership issues.

What is still to become clear over time, is the comfort with the pricing and costs. In the traditional on-premise model, a business was used to the idea that every three to five years there would be a large capital project to buy and install new servers, and associated peripherals. This would be the IT spend for the next period.

Now, the majority of businesses appear to be content for a monthly subscription for the software they use and where it is used. It’s turned CAPEX to OPEX, and it seems acceptable to many. For a while many businesses thought that the move to the cloud would cut out the need to pay MSPs, like Neuways, to look after their systems – believing the cloud provider would make this part of the service. However, the reality is that this model is sometimes more complicated to manage and make work, particularly where some legacy system is involved (typically a business software system) than the ‘traditional model. This may have a bearing on future trends.

Toby’s Top 5 Predictions for 2020

Phishing/Vishing (Voice/Video Phishing) attacks will continue to rise and will become more sophisticated and convincing, especially as deep fake audio & video technology becomes more accessible and affordable.

Organised cyber criminal gangs will drive “professionalisation” of phishing campaigns, making them even harder to spot and detect. Continued security awareness training will be a key element in this battle in addition to developments within the detection layers.Password management software will be adopted by mainstream IT users. Humans are rubbish at remembering passwords – fact. This is why passwords are often so weak and guessed so easily. This is also why passwords are reused multiple times across different services.

Password management software can help with both facets but has traditionally been aimed at individuals or the more technically minded. A new generation of business-orientated password management software is aiming to change both of these perceptions, simplifying usage, and granting robust controls for the organisation whilst maintaining privacy for the end user.

Multi-factor authentication systems will increase in popularity and scope as a proven mature mechanism for increasing authentication security over passwords alone. Organisations will look to adopt Single Sign On (SSO) capabilities to further simplify their login processes and increase security.

Cloud adoption (Software-as-a-Service in particular) will continue as many organisations look to the cloud for new and replacement applications and systems. Some businesses that need to retain on-premise systems will continue to do so but in a hybrid model, migrating and extending into cloud services where connectivity and use case permits.

Reports from the US suggest that managed service providers in that region are under attack as part of elaborate “supply chain attacks”. Cyber criminals are actively targeting the organisations that support the IT of regular businesses to leverage the powerful tools and access rights that are used to provide support.

There have been numerous reported occurrences within the US in 2019 and I predict that there will be at least one significant breach of this nature within the UK during 2020.

Martin’s Final Words

So what has our Cyber Security Review shown us? Well, there may well be a small move back to on-premise computing and this may be driven by a price shock and the inability to control costs. Maybe.

More cyber criminality? You bet!

For us as a business, we’ll see a continued dedication to keeping our customers safe whilst striving to always improve the way we serve them. An important part of this will be the delivery of Microsoft Dynamics 365 Business Central – the ERP for SME’s – which will mean our customers and business partners will be able to rely on us to provide and support all of the systems they need to have a thriving business.[/fusion_text][/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Phishing Awareness Training
How To React To The Rise In Quality of Phishing Attacks
Be Cybersafe, stay informed, stay vigilant, and let Neuways help you build a strong and secure defence...
Read More
IT Support issues can be resolved by working with companies like Neuways
IT Support issue caused Cornwall Hospital Disruption - Not Cyber Attack
IT Support issues - It's all about backup protocols. These Issues caused disruption in Cornwall. but...
Read More
Neuways explain how to help move IT offices seamlessly.
How to seamlessly move offices without your IT being affected
Moving offices as a business does not have to be complicated. Make life easier for your team by enlisting...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Become Cybersafe: Listen to our Cybersafe Digest Podcast
As leaders of businesses and companies, the weight of safeguarding your company’s assets, reputation,...
Read More
Use a password manager tool like the ones recommended from Neuways
Best thing about using a Password Manager tool
When using a password manager tool, you can store all your login details in one accessible place. It's...
Read More
Cyber Security Representation
The Critical Need for Businesses to Strengthen Cyber Security in the Age of AI
Businesses must take note of the dangers of AI and Cyber Security. In our latest blog we explain the...
Read More
IT Support in Derby from Neuways
What Questions should you be asking your IT Support Provider?
Choosing the right managed IT service provider (MSP) is crucial for your business’s success, and...
Read More
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More

Frequently Asked Questions

As a leading IT and technology provider, we offer three core services, all of which have additional add-ons. We offer Managed IT Support, Business Central implementation and consultation, as well as Managed Cyber Security. Call us on 01283 753333 if you are interested in any of our services.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311

Email: hello@neuways.com

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Exclaimer Pro is a dynamic email signature that helps clients to switch and change around email signatures so that clients are able to advertise different offers and brands to a variety of email recipients. Administrators can also manage user emails internally, meaning the user does not have to touch their own email signature.

We offer Managed Security Training to help employees spot email phishing attacks, spear phishing attacks and vishing attacks. We also help train clients on how to use the various pieces of software we provide to clients, like Exclaimer Pro, Business Central and Cybersafe software.

We are a Managed IT Support provider based in Derby, East Midlands. However, we cover so many areas including the whole of the UK, Europe, and America. We are always willing to travel and send our expert technicians to ensure you have the best experience. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.
Name