We’ve teamed up with XQ Cyber to bring CyberScore™ to our customers.
With the cost of cyberattacks increasing, the need for businesses and organisations of all sizes to get a clear overview of their cybersecurity posture has never been greater.
The partnership with XQ Cyber means that our customers will be able to use an award-winning automated security testing service to get a clear overview of their organisation’s cybersecurity posture. CyberScore™ converts vulnerability data into an immediate score out of 10 and highly informative Get Well Plans and Risk Management Reports and allows you to:
Continuously understand your cybersecurity posture
Track your progress and watch your cyber health improve as mitigation measures are implemented
Track cyber risks across supply chains and third parties without the need for consultants or questionnaires
Set minimum standards, hold suppliers and service providers to account
Dispense with impenetrable reports. Instead, receive a clear and concise Get-Well Plan that can be shared with staff and service providers
Dramatically reduce the cost and improve the quality of compliance penetration testing
CyberScore™ streamlines what was once a very time and resource intensive task, providing users with a clear oversight of what areas of their security may need improvement.
XQ Cyber director Rachel Hudson said;“We are delighted to have formed a partnership with Network Utilities to bring CyberScore™ to their customers. Working together we can help them reduce the threats posed by the constantly evolving cybersecurity threat.”
London, 28th March 2019: Network Utilities Ltd, a leading integrator of network and security solutions, has announced the successful acquisition of Metropolitan Networks, a provider of customer-centered network support and security managed services, that will create the UK’s leading specialist integrator of identity-centric network, security and data solutions and services to enterprises, telcos, MSPs and ISPs.
The newly enlarged Network Utilities
will also gain its own on-premise data centre and 24/7 Network Operations
Centre in the UK and new offices and staff in the Middle East, Caribbean and
West Africa to support an expanded roster of international clients including Cable
& Wireless, Judiciary of Trinidad & Tobago and Nutrien.
The combined company has over 400
enterprise and service provider clients including many listed within the FTSE
100 along with household names in financial services, education, healthcare and
“This acquisition marks a great day in our 25 year history and brings together two companies that have a highly regarded and trusted reputation with clients and partners,” said David Bundock, Chief Operating Officer.“As one of the oldest serving specialist solution providers with customer relationships that span over a decade, Network Utilities has focused on excellence over growth. However, with this deal, we now have the depth and breadth of people, technologies and services to expand our customer footprint without sacrificing the values that have made us so successful.”
Michele Lewington, one of the original founders and Managing Director of Network Utilities for 25 years commented: “I am delighted to hear this news. The two companies have worked together on various projects over many years and both bear the hallmark of ethics and service that customers have come to expect. My heartfelt thanks go to those Network Utilities employees who are amongst some of the most talented, hardworking and loyal of all in the industry. It is their commitment to the business over many years that has enabled me now to leave the company in safe hands to enjoy semi-retirement and the pursuit of other interests.”
The acquisition, for an undisclosed
sum, will see Network Utilities take over all staff, premises and ongoing
maintenance contracts from Metropolitan Networks with a full equivalency of
agreed service level agreements. All staff will consolidate at new headquarters
in Orpington which will also maintain the new Network Utilities NOC and data
“Metropolitan Networks has grown rapidly, and the last 15 years has been a fantastic journey,” explainsAshok Thomas, Chief Executive Officer and founder of Metropolitan Networks. ” However, to keep on meeting the expectations of our clients while expanding the business proved challenging through organic growth alone. This investment by Network Utilities and the merging of expert technical and sales teams into a new entity offers our existing clients more benefits, including access to some of the best security focused people in the UK plus a management team that have vast experience in successfully growing a business over the last two decades.”
The new company hold top tier
accreditations from key vendors including Juniper Networks, Pulse Secure and
Fortinet as well as in-house CISSP experts and Security Clearance for its
ongoing work with several UK governmental and security agencies. Network Utilities
also holds ISO 9001 and 27001 certifications.
“At a time of uncertainty around the UK’s place in Europe, the deal also expands our footprint into new regions around the world such as the Middle East, the Americas and Africa where, although initially small, we have long established, international clients that offer us growth potential,” says Paul Rowe, Sales Director, “Our enlarged size and new areas of the business such as training, private cloud and Cyber Essentials certifications also provide us with a more rounded portfolio that allows us to offer additional value added services that are beneficial to both existing and new customers.”
Commenting on the announcement, Mike Catlin, CTO for Polar Capital Holdings Plc; a long-standing client of Network Utilities said, “Network Utilities have been a trusted service provider for over 10 years. Finding a supplier that consistently offers insightful expertise to help us deliver stable IT while meeting complex cybersecurity requirements is always a challenge and knowing that we will be able to retain this relationship over the longer term is good news for us.”
Ashok Thomas, CEO, Paul Rowe, Sales
Director and David Bundock, COO are all available for interview or additional
The detection method for preventing malware is fundamentally flawed, yet it is still the de facto standard in cybersecurity. Day after day, organizations scramble to protect against a growing number of threats, but all it takes is one piece of malware to go undetected to wreak havoc on IT systems.
Ironically, this was predicted by Alan Turing more than 80 years ago. His work proved no standard algorithm could ever predict an outcome for every possibility without falling into a logical paradox because of the halting problem. The halting problem proves that an algorithm cannot predict from a general description of a program and an input whether the program will finish running or execute forever.
The same logic applies to malware detection. A standard algorithm cannot be relied on to correctly identify every single threat that comes knocking because the volume of threats is large and varied, with previously unseen threats emerging every day.
A detection-based approach deployed by IT teams is akin to casting out a net, where the net will either be so large that it tangles itself, or it won’t be cast wide enough and will invariably allow some things to be missed. IT teams are trying to solve this problem by adding more layers to their detection solutions, but all this is doing is casting more nets plagued by the same problems.
Detection-based solutions can Over-complicate security landscapes
Hackers are resourceful, utilizing new tactics – such as polymorphic malware and zero-day exploits – to bypass detection-based software and break into critical IT systems. For example, in the Locky ransomware campaign, hackers customized the malware to execute after the fake document was closed, making it much harder to spot and bypassing the majority of detection-based AV solutions.
Instead of focusing on detection, organizations that are serious about security are starting to rely on segmentation. By segmenting networks and applications, businesses are seeing that they can prevent malware from causing harm and keep data and networks safe.
Segmentation offers businesses protection, but it relies on PCs or applications only having access to limited areas on the network. Early iterations failed to achieve a great uptake because adding new PCs to this system can be incredibly expensive and time-consuming during deployment.
Segmenting IP and sensitive data could also still leave users at risk if they don’t isolate the applications that are being used to access this data. Without a solution to these problems, network segmentation has largely failed to get off the ground and detection has persisted as the leading cybersecurity approach.
By focusing on isolation, security Is simplified and end users are protected
Everybody wants to be able to use technology to do more with less. In this instance, it means deploying more effective and reliable cybersecurity solutions. However, detection involves the complex process of “preventing, detecting, and responding”, where multiple layers of security are deployed to identify malware before it hits. However, these layers simply aren’t sufficient to protect against the volume and sophistication of the ransomware and targeted phishing attacks that are prevalent today. As you might expect, it also creates a tremendous expense.
While there are a few choices available that provide isolation, solutions that do this using virtualization are effectively bullet-proof. While no one can promise 100% protection, virtualization that starts on the chip, stops Meltdown, dramatically limits Spectre and works online or offline, can protect what’s targeted the most: endpoints.
Real solutions with a virtual defense
Isolation through virtualization works by allowing applications to open and carry out each task in its own self-contained virtual environment. This means that every tab that is opened in a browser, every Office or PDF document attached to an email, or any file that runs an untrusted executable, will be opened in an entirely isolated virtual environment that’s running on the hardware itself. The result is that any threat caused by an action in this environment won’t have access to anywhere else on the system and can be easily removed by simply destroying the virtual environment.
This allows users the freedom to download files and open documents, safely, knowing that they are no longer the last line of defense – giving users the ability to click with confidence. In fact, end users can let the malware run, because it doesn’t do any damage, and it allows IT teams to get detailed threat analysis. Users can get back to work; recruiters and HR teams can open emailed CVs, marketers can carry out research even if they click on a phishing link, and R&D teams can share downloaded resources without the fear of being stung by malicious files or links.
For organizations using this new approach, there is less worry. Virtualization-based security is being adopted by the giants: HP and Microsoft now use virtualization-based security to protect users. This is just the tip of the iceberg and marks the beginning of a virtualization revolution in security, where users no longer fear opening links and attachments and organizations can let their teams focus on innovation without worrying about making a security mistake.
About the Author
By Fraser Kyne, EMEA CTO, Bromium Fraser’s role has encompassed a wide range of both engineering and customer-facing activity. Prior to joining Bromium Fraser was a Technical Specialist and Business Development Manager at Citrix Systems. He has been a speaker at various industry events on topics such as virtualization, security, desktop transformation, and cloud computing.
The modern email threat. The simple plain text email appearing to come from the CEO asking the junior finance or accounts payable team member to immediately settle the overdue invoice from an irate supplier, that has just called them personally to complain.
Call it Business Email Compromise (BEC) or CEO Fraud, it’s still a targeted phishing attack, and the number of incidents has been rising steadily. Trend analysis here at CensorNet shows that these emails will soon account for 1% of all emails processed – or 1 in every 100 messages our customers receive.
Defending against this particular threat continues to be a major focus for the team, and an area of significant innovation and investment.
Whilst FBI Operation WireWire resulted in the arrest of 74 individuals in multiple countries last week – that still leaves plenty more Phish in the sea.
The problem with CEO fraud email messages is that they are notoriously difficult to detect.
In a recent attack, the only attribute of a message that was changed was the ‘Header From’ field. The display name in Outlook (other email clients are available) showed the CEO’s name.
(Note: Even the From address in < > next to the display name showed something similar to this email address – firstname.lastname@example.org – which should have been enough to alert the user, but security education is not the topic of this blog post).
Nothing about the sender or sending server was suspicious. The IP address was not in any blacklist, the MX record was valid, the sending server matched domain and responded to an smtp probe. There was no SPF record.
We’re still undecided as to whether this makes the attacker super-smart or simple-stupid. The simplicity of the attack meant the message was likely to make it through most email defences, but would rely heavily on the recipient user being half asleep.
What this example does provide, is crystal clear evidence of the need for an ultra-modern and multi-layered approach to email security.
Traditional pattern matching / recurrent pattern matching technology is as much use as a chocolate teapot.
Content analysis – looking for message content that includes ‘urgent wire transfer’ or similar language can be effective but comes at a price. And that price is a risk of false positives – incorrectly identifying legitimate emails as ‘Suspect’.
Although, you could argue that quarantining the occasional message chasing payment of an invoice will help cash flow and is still better than inadvertently transferring $25,000 to an account in China or Hong Kong.
Algorithmic analysis is a powerful weapon in the arsenal for identifying scam emails, but even with over 1,000 algorithms examining over 130 elements of the message (in less than 200ms, about half the time it takes to blink), there was little (read nothing) to fire on in this case.
What was interesting about this particular attack was the domain that was used. It wasn’t a recently registered or new domain – it was almost a month old. It wasn’t a nearby domain (or cousin or typosquatting domain), so Levenshtein distance (one of our favourite algorithms due to its power and simplicity) wasn’t helpful. But. The registrant had a history of criminal activity – registering domains and using them in attacks – and that meant a high threat intelligence risk score.
What the attack also highlights is the need to identify the real names of key individuals in external emails – particularly in ‘Header From’. Building a list of names of the executive team and board members, and anyone else that’s an active spokesperson for the organization, and quarantining messages that contain those names, might not be sophisticated but is still a very valid defence.
As a last resort, some email security solutions rely on the user entering in to a conversation with the attacker – asking for more details about the outstanding invoice, or exactly what detailed (confidential or personal) information the sender needed – building up a risk score with each message exchange until a threshold is reached.
CensorNet invest in combining technologies and techniques that identify and block the initial inbound email. Tracking smtp conversations is still interesting. If a user receives an email from a sender for the first time that also contains potentially suspicious content, then a banner across the top of the email advising caution might just be enough to cause them to stop and think!
Ultimately a combination of content analysis, threat intelligence and executive name checking would have stopped this super-smart, simple-stupid attack. Is it time to think differently about email security.
During this webinar you will learn how our service: ✓ Addresses the very real threat of insecure web applications ✓ Provides a snapshot of your current security posture highlighting issues requiring attention ✓ Quickly discovers security flaws in your network perimeter ✓ Scans and re-scans at your convenience and no extra cost ✓ Gives you reporting that’s simple to understand ✓ Provides evidence of ‘best practice’ whilst balancing budget expectations
Here at Network Utilities we offer a range of services and enhanced support from simple pen testing to 24/7/365 telephone support to fully managing your IT security. The aim is to remove the burden of niggling IT issues or staff shortages allowing you to focus on your critical projects and business objectives.
Watch our snappy 30 minute webinar with our Principle Technology Strategist; Malcolm Orekoya and hear about our:
Network and Security Health
Training and Support services
Enhanced Support Services
Do you need any more info? Call us on 020 8783 3800 or fill out the form below.
The financial implications of not being compliant are enormous let alone the reputational damage that comes with a data breach! Data moves throughout your organisation at an alarming rate and data privacy will affect all parts of your business.
We can provide you with practical, pragmatic advice on meeting and maintaining regulations such as GDPR and the incoming ePrivacy regulation enabling organisations like yours to meet regulatory obligations and business goals.
Watch our on demand webinar and get some key questions answered:
Will there be a grace period?
Who owns the risk when it comes to data in your organisation?
What is data portability?
What is a data protection officer?
Is it mandatory to have a data protection officer?
How and when do you obtain consent?
Will you need a Privacy Impact Assessment?
What actions should you take next?
Register here to join our next webinar in the series on the 12th September – Network Utilities Managed Security Services.