10 Steps To Cyber Security

You can download this infographic from the National Cyber Security Centre on the link below.

How can organisations protect themselves in cyberspace?

An effective approach to cyber security starts with establishing an effective organisational risk management regime (shown at the centre of the above diagram). This regime and the 9 steps that surround it are described below.

https://www.ncsc.gov.uk/content/files/protected_files/guidance_files/NCSC%2010%20Steps%20To%20Cyber%20Security%20NCSC.pd

1. Risk Management Regime

Embed an appropriate risk management regime across the organisation. This should be supported by an empowered governance structure, which is actively supported by the board and senior managers. Clearly communicate your approach to risk management with the development of applicable policies and practices. These should aim to ensure that all employees, contractors and suppliers are aware of the approach, how decisions are made, and any applicable risk boundaries.

2. Secure configuration

Having an approach to identify baseline technology builds and processes for ensuring configuration management can greatly improve the security of systems. You should develop a strategy to remove or disable unnecessary functionality from systems, and to quickly fix known vulnerabilities, usually via patching. Failure to do so is likely to result in increased risk of compromise of systems and information.

3. Network security

The connections from your networks to the Internet, and other partner networks, expose your systems and technologies to attack. By creating and implementing some simple policies and appropriate architectural and technical responses, you can reduce the chances of these attacks succeeding (or causing harm to your organisation). Your organisation’s networks almost certainly span many sites and the use of mobile or remote working, and cloud services, makes defining a fixed network boundary difficult. Rather than focusing purely on physical connections, think about where your data is stored and processed, and where an attacker would have the opportunity to interfere with it.

4. Managing user privileges

If users are provided with unnecessary system privileges or data access rights, then the impact of misuse or compromise of that user's account will be more severe than it need be. All users should be provided with a reasonable (but minimal) level of system privileges and rights needed for their role. The granting of highly elevated system privileges should be carefully controlled and managed. This principle is sometimes referred to as ‘least privilege’.

5. User education and awareness

Users have a critical role to play in their organisation’s security and so it’s important that security rules and the technology provided enable users to do their job as well as help keep the organisation secure. This can be supported by a systematic delivery of awareness programmes and training that deliver security expertise as well as helping to establish a security-conscious culture.

6. Incident management

All organisations will experience security incidents at some point. Investment in establishing effective incident management policies and processes will help to improve resilience, support business continuity, improve customer and stakeholder confidence and potentially reduce any impact. You should identify recognised sources (internal or external) of specialist incident management expertise.

7. Malware prevention

Malicious software, or malware, is an umbrella term to cover any code or content that could have a malicious, undesirable impact on systems. Any exchange of information carries with it a degree of risk that malware might be exchanged, which could seriously impact your systems and services. The risk may be reduced by developing and implementing appropriate anti-malware policies as part of an overall ‘defence in depth’ approach.

8. Monitoring

System monitoring provides a capability that aims to detect actual or attempted attacks on systems and business services. Good monitoring is essential in order to effectively respond to attacks. In addition, monitoring allows you to ensure that systems are being used appropriately in accordance with organisational policies. Monitoring is often a key capability needed to comply with legal or regulatory requirements.

9. Removable media controls

Removable media provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data. You should be clear about the business need to use removable media and apply appropriate security controls to its use.

10. Home and mobile working

Mobile working and remote system access offer great benefits, but expose new risks that need to be managed. You should establish risk-based policies and procedures that support mobile working or remote access to systems that are applicable to users, as well as service providers. Train users on the secure use of their mobile devices in the environments they are likely to be working in.

The 10 steps guidance is complemented by the paper Common Cyber Attacks: Reducing The Impact. This paper sets out what a common cyber attack looks like and how attackers typically undertake them. We believe that understanding the cyber environment and adopting an approach aligned with the 10 Steps is an effective means to help protect your organisation from attacks.

Technology is redesigning the workplace

We are entering a new era of IT, one that fundamentally reimagines where we work, the way we work, and how we provide the tools for work. The first era was mainframes. The second, client/server. We are now embarking on the Third Platform era: a confluence of the Internet of Things, Big Data, Social and Mobility, creating synergy between aspects of our lives that have not been connected previously.

So, what are we doing about it?

We are untethering from the traditional desktop, both as a physical surface, and as a machine. Software is rented as a service, data is seamlessly accessed across multiple devices and business is conducted whenever and wherever it can be. Today is only the beginning of this paradigm shift and businesses are yet to catch up to the cultural and technological changes occurring around them.

Fear not, this is a relatively new cultural and technological shift and there is no better time than now to get informed and start making your own plans to adapt to these changes. Have a read of our Business Technology white paper all about the Workplace of the future, and the technology that will power it.

In this white paper, you’ll find:

• The Technology that is redefining the workplace.
• Managing disruptive IT.
• The demands and characteristics of a Millennial workforce.
• Office work styles to adapt to.
• HP Device as a service.
• What to expect from the future office: 5 innovations.
• How to prepare for the future, now.



Three Key Components of a Cyber Resiliency Framework

Extortionists know that the availability of backups often determines whether they can collect on their ransom demands. Those without sufficient backups are forced to choose between paying the ransom or suffering the loss of data. For this reason, business continuity systems, specifically backup systems, are prime targets for attackers wishing to inflict maximum damage and increase the likelihood of a payout.

Preventative controls must be augmented with an effective recovery framework. These frameworks should address a fluid, rapidly changing threat landscape through flexibility, integration, and agility of their own. A cyber-resilient strategy should include three key components: isolation, orchestration, and rapid recovery.

Isolation: Physically Separate Your Back-Up Data

The last decade has seen the decline of tape as a primary backup medium while disk and cloud-based replication systems supplanted the technology. Traditional tape systems suffered from relatively slow restore capability, especially for non-sequential data, but they had one attribute that is sometimes missing from disk and cloud backup replication, namely isolation. Replication without isolation often results in encryption of both primary and replica data-sets when ransomware strikes.

Isolation can be performed through air gaps or through logical mechanisms designed to protect backup sets from being overwritten. The air-gap approach physically and logically separates data from the rest of the network. One simple example of an air gap is to back up to a removable hard disk and then store the disk in a safe. More complicated scenarios are often used in the business world, and air gaps have been a standard procedure in many government installations. However, air gaps often rely upon a human element. In the hard drive example, someone must disconnect the drive when the backup completes and move it to a safe location. A backup set mistakenly left attached to systems would lack the protections afforded by an air gap. We humans are all too frequently proven unreliable at performing such tasks consistently without robust processes and accountability. This presents a potential point of failure in the system.

The second method of isolation relies on software to implement protections for the backup sets. Such systems prevent backup sets from being altered once they are written, according to system policy, and the policy itself is highly restricted, audited, and controlled to prevent unauthorized changes. This form of isolation would prevent an administrator from removing or changing a previous backup set before its retention period expires.

Orchestration: Automate Your Quarantine Controls to Reduce the Scope of Impact

Ransomware and other destructive malware are designed to rapidly propagate and then swiftly encrypt valuable data. The speed of such attacks requires that companies implement monitoring and analytics across systems to quickly identify malicious behavior.

The speed of malware far exceeds that of human response, yet the initial response to such threats is often well understood. This makes automation the ideal method to address threats in real time. Incident response orchestration uses triggers from monitoring systems to automate the execution of predetermined workflows to quarantine the threat and reduce the scope of impact. For example, Dell EMC Cyber Recovery can be leveraged to analyze data to detect activity such as ransomware. As ransomware begins to encrypt a network share, monitoring and analytics would detect the encryption and kick off workflows to attempt to stop the ransomware and isolate the system for investigation. This prevents the ransomware from impacting other systems and does so without the need to wait for human intervention.
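The trigger side of the orchestration described above can be sketched as follows. This is an added example, not code from the article or from Dell EMC Cyber Recovery: it flags a host when it rewrites several distinct files on a share with near-random content inside a short window, then returns a quarantine workflow. The thresholds, host names, paths and workflow step names are assumptions, and the events are constructed sample data.

```python
import hashlib
import math
from collections import Counter, defaultdict, deque

ENTROPY_BITS = 7.0  # bits per byte; encrypted (and compressed) data sits near 8
WINDOW_SECS = 10    # length of the burst window (assumed value)
MIN_FILES = 5       # distinct high-entropy files per host inside the window

def shannon_entropy(data: bytes) -> float:
    """Empirical entropy of a written sample, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def pseudo_ciphertext(seed: bytes, blocks: int = 32) -> bytes:
    """Deterministic stand-in for encrypted content (constructed test data)."""
    return b"".join(hashlib.sha256(seed + bytes([i])).digest() for i in range(blocks))

def detect(events):
    """Return {host: trigger_time} for hosts whose writes look like bulk encryption.

    One high-entropy write is normal (zip, jpeg), so the rule needs a burst
    across several distinct files before it fires.
    """
    recent = defaultdict(deque)  # host -> (timestamp, path) of high-entropy writes
    triggered = {}
    for ts, host, path, sample in sorted(events, key=lambda e: e[0]):
        if host in triggered or shannon_entropy(sample) < ENTROPY_BITS:
            continue
        window = recent[host]
        window.append((ts, path))
        while ts - window[0][0] > WINDOW_SECS:
            window.popleft()
        if len({p for _, p in window}) >= MIN_FILES:
            triggered[host] = ts
    return triggered

def quarantine_workflow(host):
    """Predetermined response steps; the step names are hypothetical."""
    return [("isolate_host", host), ("snapshot_share", host), ("notify_ir", host)]

def build_sample_events():
    """Constructed events: (timestamp, host, path, first bytes written)."""
    text = b"quarterly report draft\n" * 40
    events = [(100 + i, "ws-12", f"/share/docs/report{i}.txt", text) for i in range(8)]
    # A single archive saved by the same user: high entropy, but only one file.
    events.append((105, "ws-12", "/share/docs/archive.zip", pseudo_ciphertext(b"zip")))
    # Six files rewritten with near-random content within six seconds.
    events += [(200 + i, "ws-31", f"/share/finance/ledger{i}.xlsx",
                pseudo_ciphertext(b"enc" + bytes([i]))) for i in range(6)]
    return events

if __name__ == "__main__":
    for host, ts in detect(build_sample_events()).items():
        print(f"t={ts} {host}: {quarantine_workflow(host)}")
```

The detector fires on the fifth distinct file, before the sixth is touched, which is the point of automating the response rather than waiting for an analyst.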

Rapid Recovery: Invest in Protective Measures That Will Prevent Future Loss

Rapid recovery is the third key component of cyber resiliency. As mentioned earlier, IT systems are critical to business success, but in some cases, such as healthcare and critical infrastructure, downtime of IT systems could result in loss of life. Every organization will suffer downtime at some point, and systems should be put in place to restore system or data availability according to the business need in such an event.

A benefit of rapid recovery solutions is that recovery and investigative steps can operate in parallel. In the example above, the system infected with ransomware was isolated from the network, but this prevents users and applications from accessing that data. Rapid recovery solutions may need to mount snapshots of the affected data and then remap resource pointers to the recovery location.

Implementing The Framework

Not all data requires this level of protection, so the first step in implementing it is to identify the mission-critical data sets. Management and automation software, like Dell EMC Cyber Recovery, can be implemented on 10-15% of an organization’s disaster recovery scope. Companies then select critical data based on its direct and indirect use, including how the data impacts systems and processes across the enterprise.

Our economy and our lives are increasingly digital. As such, the systems and data that underpin our digital economy are essential to company success. However, cyber resiliency supports the business when other controls fail. Make your company cyber resilient now to prevent future disaster.

OryxAlign Annual Achievement & Recognition Awards 2018

Every year our team step away from their desks to attend our coveted Annual Achievement and Recognition Awards. This year’s Annual Awards took place on Friday, 30th November, and what a cracking night it was. Team OryxAlign were on top form as there was plenty to celebrate, not that we ever need an excuse to enjoy each other’s company.

At OryxAlign we are extremely proud of the attributes our team players possess, and it truly reflects in the projects and work we do each day. Our awards night demonstrates the individual achievements, contributions, and performance of our team.

This year’s winners were as follows:

1. Best sense of humour & funniest was won by Peter Schwartz
2. Most fashionable & best dressed was won by Michelle Cowan
3. Best Service Desk engineer was won by Ollie Beswick & Matt Curran
4. Best NOC engineer was won by Sam Bricenio
5. Best Project & Onsite engineer was won by James Abbotson-Hill
6. Best operational/administrative support was won by Claire Griffin
7. Team player of the year was won by Mark Waldmeyer
8. OryxAlign Employee of the year 2018 was won by Ali Ball

A huge congratulations to all our winners!

There has been some extremely impressive work and commitment from all our winners, but collectively, and working as a team, OryxAlign continue to thrive and excel. 

View our photos from the event here!

Enabling revolutionary medical research by supporting a global pharmaceutical firm

More than 23,000 men, women, and children die in the US every year from antibiotic-resistant infections, while over 4,000 Americans perish from influenza annually. In addition, over 100 million suffer from chronic pain and 3.9 million adults in the US are diagnosed with liver disease. Shionogi, an international pharmaceutical firm, has dedicated their business to supplying the best possible medicines to protect the health and well-being of patients around the world.

With over 50 years of anti-infective research experience, Shionogi has helped revolutionise the development of antibacterial and anti-viral treatments. They are also pursuing the development of new treatments in other areas of high medical need, including inflammatory pain, neuropathic pain, Alzheimer’s disease, and ADHD.

OryxAlign are delighted to announce that their technical expertise and dedicated support now underpins the heart of Shionogi’s work. By providing award-winning support and technology to Shionogi, OryxAlign ensure that their vital research is both available and secure, enabling their life-changing medical advancements to continue.

Welcome to the OryxAlign family, Shionogi!

OryxAlign achieves Microsoft Gold partner status

OryxAlign are thrilled to announce that we have expanded our Microsoft certifications and have now become a Microsoft Gold partner in Small to Midmarket Cloud Solutions.

Gold partner status is the highest Microsoft partner level available, and is only earned by select partners that have demonstrated exceptional technical expertise with Microsoft solutions and have a significant number of successful customer deployments and client references. In addition to providing proof of service excellence, Gold partners must pass stringent exams, and OryxAlign engineers must all be certified, demonstrating deep technical knowledge in the Microsoft Cloud Solutions arena.

“Achieving Microsoft Gold Small to Midmarket Cloud Solutions reflects our continued commitment to helping our clients optimise their business,” said Carl Henriksen, CEO of OryxAlign. “We are delighted to be formally recognised for the exceptional level of support which we provide to our clients, and to be placed in the very small percentage of Gold level Microsoft partners. This achievement wouldn’t have been possible without a huge collective effort between our sales, technical, and procurement teams, so well done to everyone who has helped take OryxAlign to the next level.”

In addition to our recently acquired Gold partner status, OryxAlign are also proud to have Silver status in the Cloud Platform, Datacenter, and Collaboration and Content provider segments.

OryxAlign win Security Project of the Year

We’re delighted to announce that OryxAlign won Security Project of the Year 2018 at the Annual Computing Security Awards. We were also runner up for the “One to Watch” Security Company.

This is an incredible achievement and testament to the hard work and commitment our project & engineering teams invest into doing what they do. To be recognised and rewarded in the public eye is fantastic, and it continues to establish OryxAlign as one of the leading technology service providers in the UK.

Thank you to everyone who voted and supported us!

Delivering Critical Managed Technology services to EcoWorld International

EcoWorld International is a real estate developer with six current projects in the UK totalling a value of c.£2.7bn.

With a commitment towards developing high quality residential-led, mixed-use developments in mature markets as well as growth potential and favourable macro-economic conditions, they strive for excellence in all aspects of their operations. This is premised on the need to strike a balance between their business objectives, the environment and a healthy and safe work culture.

EcoWorld London (previously Be Living) has significant instant growth plans following the joint venture that was finalised earlier this year. They are expected to deliver over 10,000 new homes across London and the South East. EcoWorld are, for this reason, adopting partners and suppliers who are able to support their growth aspirations and the speedy evolution of the business.

OryxAlign have been selected by EcoWorld as their managed technology services partner. Based on OryxAlign’s in-depth understanding and proven track record in the construction & real estate sectors, together with the quality and maturity of its technology services portfolio, their reputation and proven responsiveness, and their personal and flexible approach, OryxAlign will be working alongside EcoWorld in the UK to deliver a range of critical managed technology services and infrastructure enhancements.

Carl Henriksen, OryxAlign CEO, has commented: “EcoWorld are a fantastic addition to our client portfolio and they further strengthen our reputation for the delivery of critical managed technology services into the property & construction sectors. It’s great to support and work with a company such as EcoWorld who are investing back into the community and creating exceptional homes across the UK. My team and I look forward to our journey together.”

Shortlisted for Best Cloud Support Provider

We are excited to announce that OryxAlign has been shortlisted in the Best Cloud Support Provider category at the Computing Cloud Excellence Awards.

Winners will be announced on the 19th September. Fingers crossed…

Moving Beyond the Perimeter

In this white paper, you’ll find:

• An overview of the new enterprise architecture.
• Detailed descriptions of new risks.
• How to protect against attacks inside the perimeter.
• What the BeyondCorp model entails.

The Theory Behind Google’s BeyondCorp Security Model

The new enterprise architecture is redefining the perimeter – data is stored outside of corporate walls, and a more mobile workforce is working remotely. This dynamic new environment requires a new security model, to address the insider risk, vulnerable endpoints, policy gaps and more.

Read this primer on Google’s BeyondCorp model, a robust framework developed to ensure “zero-trust” – to assume that no traffic within an enterprise’s network is any more trustworthy than traffic coming from outside the network.

Find out how you can implement a similar security model in your organization with the help of Duo Beyond:

  • Identify corporate vs. personal devices
  • Easy certificate deployment
  • Block untrusted endpoints
  • Give users secure access to internal applications
