Webinar Recording: DevOps and the Service Desk

Recording of an SDI Webinar with Barclay Rae, IT Service Management consultant, and Adam OBrien of SunView Software talking about what DevOps means in practice for the service desk.

Webinar Recording: Prepare your enterprise for BYOD, IoT & Beyond with Pulse Secure

Is your network ready for the increasing enterprise secure access needs of enabling BYOD, Internet of Things (IoT), and beyond? The new Pulse Secure Appliance (PSA) Series will enable next generation secure access services to support the continuous evolving networking complexities for mobile, cloud, and datacentre. The new platform is faster, easier to scale, and more efficient than ever before. View our webinar where you’ll learn how the new Pulse Secure platform will change the dynamics of secure access for your company.

E-mail: the loaded gun – your employees could be pulling the trigger

by Guest Blogger, Shaab Al-baghdadi. F. IoD. Member of IAPP, Head of Strategic Relationships and Channel at Blackfoot UK Ltd.

Views expressed in this post are original thoughts posted by Shaab Al-baghdadi. These views are his own and in no way do they represent the views of the company.

It would be surprising if all CFO’s and CTO’s didn’t realise the need for appropriate security within their organisations. A loss of data can bring about reputational damage, direct financial loss, fines from regulatory bodies, large legal fees, an inability to trade whilst under investigation and now, class actions from individuals.

Companies in the FIS vertical form a strategic part of the economic infrastructure and, as such, are not just potential targets from cyber criminals but also cyber-terrorists, hacktivists and aggressive foreign states. The threat of attack is constant and ferocious, as can be seen from this real time map of cyber attacks from around the world: http://map.norsecorp.com/

Attacks can take many forms, most with the objective of obtaining information that can be manipulated for financial gain. Phishing is the use of e-mails in order to obtain usernames, passwords and other information that can be used against an organisation. This form of attack has increased since 2011. The reason? –  they are the path of least resistance for criminals, added to this the many ways a criminal can identify individuals within an organisation, LinkedIn, Facebook, Twitter etc. We have all had the rogue spam e-mail asking for “help with releasing a large amount of funds in an overseas bank” but this targeted attack, known as “spear phishing” is much more sophisticated and normally takes the form of a campaign rather then a single attempt.

The statistics speak for themselves.

A campaign of 10 e-mails has a 90% chance that at least 1 person will become a victim,

23% of recipients now open phishing messages and 11% click on the link. Nearly 50% click on the phishing link in the first hour, 60% of UK office workers receive a phishing e-mail every day and in a recent survey 80% of participants failed to detect 1 out of 7 phishing e-mails. (visit our previous blog ‘Phishing – Are you Ready to be Caught Out‘ for more information.)

What does this mean for your organisation?

A security breach for any organisation can be disastrous, however, for financial institutions a data breach presents some unique challenges. Clients are interested in performance and return, however, the associated damage to reputation and integrity can in many cases be long term and have a very real impact on client retention and acquisition. When a data breach is successful, clients are aware that criminals will use methods to extract their credentials. If an organisation can demonstrate a policy of security measures, this helps with the fallout and adverse media coverage as well as negotiations and reporting to the FCA and ICO.  What is less forgivable is if the breach was caused by employee negligence or naivety. Over the last two years more than two thirds of incidents that compromise the cyber espionage pattern have featured phishing. Employees are targeted because the process cannot be automated.  If phishing emails are the gun, then employees may unwittingly be pulling the trigger!

What do you need to do?

Education and staff training is the key to minimising the threat.  This is not just a technology issue, employees have to become aware of the threat and recognise the issue and the impact to the business and themselves.

Understanding the problem internally is the first step, followed by implementing a strategy to improve awareness and, finally, monitoring the improvements. Carrying out a simulated phishing attack to ascertain the scale of the problem, implementing an education program that has minimal impact on the businesses day-to-day function, but delivers maximum return, should be started immediately.  Network Utilities, in association with Blackfoot can arrange for a simulated phishing attack and report on the findings, as well as discussing options for staff education and would be more than happy to discuss this with you.

For more information and to discuss a free trial contact:

Anthony Mortimer, Business Development Manager, Network Utilities (Systems) Ltd.
amortimer@netutils.com
020 8783 3800

 

Webinar Recording: Why Phishing Attacks Work & What You Can Do About Them

It is generally accepted that by far the greatest risk to the security of your corporate data are your employees themselves who may unwittingly fall victim to phishing attacks. Industry figures indicate 60% of UK office workers receive a Phishing email at least once a day.

Yet a YouGov study funded by Bluecoat indicated that just 6% of British employees have received training in how to deal with phishing attacks. Find out in 15 minutes what you can do to significantly reduce the risk of a user unknowingly installing malware in your organisation.

Identity Centric Networks & Security

Identity Matters. We specialise in identity-centric network and security solutions. Understanding who is on your network, what they want to access, and how, allows us to deliver the best possible solutions to your business challenges. We partner with industry-leading technology vendors to ensure your network is fast, secure and highly-optimised.

Event Video: Network Utilities Security at Scale with Gigamon & Savvius

We work closely with Financial Services organisations and understand you have to provide the very highest levels of IT security. Find out how Gigamon and Savvius in partnership with Network Utilities can enable you to troubleshoot security and performance incidents in real-time and retrospectively… and do it with the scale and rigour that you need. View the video from our recent workshop.