NCSC IT Health Check.
What is an IT Health Check and why is it important?
An IT Health Check (ITHC), also known as a Penetration (Pen) Test, is an important component in the over-arching Security Assurance activities and one of several possible mechanisms used to provide confidence and assurance of the security baseline design.
An ITHC is a series of controlled ethical hacking tests and actions designed to deliberately identify and expose security vulnerabilities that might be present in IT solutions. The objective of scrutinising an IT solution in this manner allows the project and business teams to understand the risk exposure should it become compromised and formulate a remediation plan to mitigate and protect the systems and data that might reside in it.
How can Bechtle help you to avoid a similar threat?
Bechtle’s Penetration Testing services give you the information you need to enhance your protection against ransomware and other cyber-attacks. All Penetration Testing services are delivered by experienced, qualified, and ethical hackers, you will be provided with summary reports in an easy to digest format that contain expert advice on how to reduce your organisation’s attack surface and close off common vulnerabilities.
|
Are you the next target?
Over three-quarters of global organisations think they'll be breached in 2022.
Threats they're most concerned about globally are ransomware, phishing/social engineering, and denial of service (DoS)—and the negative consequences of a breach are stolen or damaged equipment, cost of outside consultants/experts, and customer turnover. When it comes to IT infrastructure, organisations are most worried about mobile/remote.
employees, cloud computing and 3rd party applications. The highest levels of risk were around the following statements:
- My organisation's IT security function supports security in the DevOps environment.
- My organisation's IT security leader (CISO) has sufficient authority and resources to achieve a strong security posture.
- My organisation's IT security function strictly enforces acts of non-compliance to security policies, standard operating procedures, and external requirements.
This clearly indicates that more resources must be diverted to people, processes, and technology globally to enhance preparedness and reduce overall risk levels.
How can Bechtle help you to avoid a similar threat? It’s often difficult to know where immediate concerns and areas of focus are when preventing a potential breach from occurring. This is due to the constant change in IT infrastructure and ever evolving threat landscape.
Therefore, a security posture assessment is a great place to start, especially for organisations with limited Cyber skills internally, add good visibility of vulnerabilities within your organisation and a patch tool to remediate, help reduce your attack surface drastically.
Bechtle provides key analysis and services to identify how best to invest in the security of your organisation.
Please follow this link for more information, alternatively reach out to your account manager to arrange a discussion with the Security team.
|
Emotet re-establishes itself at the top of the malware world.
Return of an old friend...
Botnet infrastructure shut down last year, now central to a fast-spreading email scam, researchers say
More than a year after essentially being shut down, the notorious Emotet malware operation is showing a strong resurgence.
In a March threat index, Check Point researchers put the Windows software nasty at the top of its list as the most widely deployed malware, menacing or infecting as much as 10 percent of organizations around the globe during the month – a seemingly unbelievable estimate, and apparently double that of February.
The security of your business is critical and something that needs constant review to ensure changes, both internal and external, are not exposing you to undue risk. Bechtle’s Swift Security Review will provide you with a quick, clear visualisation on the current status of, what we believe, are the 9 core components of a business’ security strategy. From this, Bechtle will align a dedicated security consultant to go through your response and build you a plan that aligns to your wider business requirements and provides a strategy to close any exposure gaps you feel you have.
|
UK Army recruitment hit.
A strange coincidence.
While an ICO investigation called for no further action, the breach has complicated recruitment during the war in Ukraine.
A data breach has hit the UK Army, forcing it to close its recruitment system for over a month.
The breach compromised candidate data, resulting in the information of 124 UK Army recruits being offered for sale on the dark web. This information included full names of the candidates along with their dates of birth, addresses, qualifications, and previous employment details.
The breach took place on March 13th, with the Armed Forces taking down its enrolment portal, the Defence Recruitment System, on March 14th as a precaution.
As such, its recruitment systems have been down for most of the war in Ukraine!
How can Bechtle help you to avoid a similar threat? The key issues around this type of attack and more importantly exfil of data, shows that a full IT Security Health Check is required to identify the holes within the infrastructure.
A consolidated patch and vulnerability solution to visualise and remediate threats and provide stakeholder reporting.
Another consideration could be, MFA which will enhance your organisation's security by requiring your users to identify themselves by more than a username and password. While important, usernames and passwords are vulnerable to brute force attacks and can be stolen by third parties.
Bechtle provides a Swift Review free of charge to qualifying clients:
|
Want to know more about any of the updates listed above? Contact Alice for more information.
Phone: +44 1249 467 938
E-mail: alice.lee@bechtle.com