Our first CISO Insights blog is here

The first 6 months of 2023 have, as always, been super busy for the team here at Next Generation Security. From exhibiting at DTX Manchester, to having our own stand for the first time at the National Cyber Security Show in Birmingham, our events calendar has been jam-packed. And to top it off, our very own Chief Information Security Officer Neil Peacock won CISO of the Year at the Computing Security Excellence Awards in April.

Neil is an (ISC)2 Certified Information Systems Security Professional (CISSP) with over 20 years of experience within the IT industry. Having worked for NGS and our sister company, Epaton, for the past 5 years, Neil is responsible for our hugely successful Virtual CISO service, which he designed and implemented to help businesses make strategic security decisions, manage their security risks, and provide ad-hoc help whenever it is needed. As a Cyber Essentials, IASME IG and IoT Lead Auditor, Neil’s extensive knowledge is second-to-none, evident in the growing technical team’s capabilities and impeccable customer feedback. Neil also offers ISO27001 consultancy and is supported by a full Governance, Risk and Compliance team.

After his highly deserved win, there has never been a better time to launch our brand new CISO Insights series. Neil will be sharing his perspective, along with his predictions, about the cyber security landscape, the evolving threats to organisations and professional advice on how to strengthen your security posture.

In this first instalment of the CISO Insights series, Neil shares his thoughts on what to look out for here:

Training and Workforce Mindset

Effective training programs act as a potent line of defence, empowering employees to identify and respond to potential security risks. By imparting knowledge about best security practices, emerging threats, and incident response protocols, organizations can instil a sense of responsibility and accountability among their workforces. Regular training sessions, workshops, and simulated exercises not only enhance employees’ technical skills but also promote a culture of security awareness.

Comprehensive training should encompass a range of security topics to address diverse aspects of cybersecurity. This includes educating employees about phishing attacks, social engineering techniques, secure password practices, data classification, and compliance requirements. By adopting a holistic approach, organizations can create a workforce that understands the multifaceted nature of cybersecurity and the need for proactive defence measures.

Training alone is not sufficient; cultivating a security-conscious mindset is equally crucial. Employees must be encouraged to develop a sense of ownership when it comes to protecting sensitive information. By emphasizing the importance of security in day-to-day operations and highlighting the potential consequences of a security breach, organizations can foster a collective responsibility towards cybersecurity. This mindset shift empowers employees to become proactive participants in the organization’s security efforts.

The ever-evolving nature of cyber threats requires a workforce that is adaptable and eager to learn. By providing ongoing training opportunities, such as industry conferences, webinars, and certifications, organizations can keep their employees up to date with the latest trends and technologies. Encouraging a culture of continuous learning not only enhances individual skills but also promotes innovation and resilience in the face of emerging threats.

Effective training and mindset cultivation start from the top. CISOs and senior leadership must lead by example, demonstrating a strong commitment to cybersecurity and making it an organizational priority. By allocating resources, setting clear expectations, and integrating security into the company’s vision and values, leadership can create a ripple effect that permeates throughout the entire workforce.

“Keys don’t work if you forget to use them”

No matter how advanced our security technologies may be, the human element remains a potential weak link in the chain. Cybercriminals often exploit human vulnerabilities through techniques like phishing, social engineering, and insider threats. Raising security awareness among employees is crucial to minimize the risk of these attacks. Employees must understand that they are the first line of defence and that their actions have a direct impact on the organization’s security posture.

Security awareness is not a one-time event; it requires ongoing reinforcement and reminders. Regularly reminding employees about security practices through newsletters, posters, internal communications, and interactive activities helps keep security top of mind. Encouraging employees to report suspicious incidents or potential vulnerabilities further strengthens the security culture and promotes a proactive response to potential threats.

Cyber Hygiene: authentication

Implementing practices around password strength, changes, sharing, and reuse is simple, but often overlooked. The use of two-factor authentication, or multi-factor authentication, has nearly doubled since 2020, with phishing-resistant authenticators representing the best choice in terms of security and convenience, according to Todd McKinnon, co-founder and CEO of Okta.

The technology industry is best placed to move to a passwordless future, with 87% of account logins already using MFA. When will you? Our partner Censornet provide an adaptive, cloud-based multi-factor authentication solution, for a frictionless user experience, eliminating account compromise and identity-related threats.

Patch management/life management

Developing a well-defined policy to protect your organisation against cybersecurity threats is essential, but many organisations choose not to implement a patch management policy.

Patches are often issued to fix problems, but they can also provide improvements. Keeping your organisation’s systems and resources patched ensures you are getting the most out of your solutions. Also, by implementing a solid, effective policy, your organisation avoids monetary penalties that can occur through non-compliance.

Misconfiguration visibility is key

Misconfigurations are the root cause of 80% of cyber-attacks, according to Microsoft, with default settings, human errors and non-applied policies being examples of device misconfigurations. You can’t fix what you can’t see, and getting visibility of these security risks can be challenging, time-consuming and expensive.

NGS works closely with Gytpol, who provide a complete view of your security gaps through continuous monitoring of all your devices. Then, using Gytpol’s “Remediation with Zero Impact” technology, you can automatically remove the risks rapidly and ensure your devices are continuously hardened. Our customers are achieving brilliant security resilience with Gytpol’s Validator tool, and I would recommend reading our recent case study with Mid Cheshire NHS.

Alerting and monitoring

Beyond simply responding to alerts, proactive threat hunting involves actively searching for signs of potential security threats. This approach helps identify threats that may go unnoticed by traditional alerting mechanisms. By leveraging advanced analytics, threat intelligence, and behaviour-based detection techniques, organizations can proactively identify and neutralize emerging threats before they can cause significant harm.

Alerting and monitoring systems provide real-time visibility into an organization’s network, systems, and applications. By monitoring various data sources such as logs, network traffic, and system events, organizations can detect anomalies, unauthorized access attempts, and potential security breaches. Timely alerts allow security teams to investigate and respond promptly, mitigating the impact and minimizing potential damage.

Many industries are subject to strict compliance and regulatory standards governing data privacy and security. Robust alerting and monitoring systems help organizations meet these requirements by providing evidence of continuous monitoring, incident response, and adherence to security policies.

Effective alerting and monitoring systems streamline incident response processes. By automating the collection and analysis of security event data, security teams can prioritize and triage incidents efficiently. Quick identification and response to security incidents minimize operational disruptions, reduce downtime, and limit the potential financial and reputational impact on the organization.

A well-designed alerting and monitoring infrastructure provides centralized visibility across an organization’s entire IT landscape. This holistic view enables security teams to detect patterns, identify trends, and correlate events across different systems and applications. Centralized visibility helps uncover potential security gaps, identify weak points, and strengthen overall security posture.

As winner of the Security Storage Reseller of the Year for the past 4 years, NGS continue to provide exceptional value for our 200+ customers, whilst acting as trusted advisors through our technical and consultancy capabilities. Drop us a message via our contact form to discuss your requirements and see how we can be part of your security resilience plan.
