The problem
Although we are all used to hearing that cyber-crime is increasing, there is no real understanding of just how significantly it is rising unless you are an IT technician or are unlucky enough to be its victim. These same IT technicians and victims also understand the damage that is caused by a cyber breach. If you find your IT team are putting pressure on you to be more cyber aware and invest in cybersecurity, you should thank them for being proactive!
Carden IT Services are here to let you know of the potential dangers in the cyber landscape and how to protect yourself against them. It is up to you to choose the level of protection for your business and our packages have been built to give you a choice of different protection levels. We present, you choose, we deliver.
Let us be clear: no successful cyberattack is ever minor. Usually, a successful attack will lead to a significant loss of business, a large financial loss, stress, reputational damage, and embarrassment. Note that we said “and” and not “or”; that’s because all of these risks can be a factor in a cyberattack.
The solution
“Cybersecurity is now more than just a product”.
Cyber Resilience = Identify > Protect > Detect > Respond > Recover.
Cyber Resilience is a measure of a business’s strength in preparing for, operating throughout, and recovering from, the eventuality of a cyber-attack.
Cyber Resilience relies on the successful ability to identify, protect, detect, respond, and recover quickly from an adverse cyber event and combines the IT disciplines of cybersecurity, business continuity, and incident response.
How does cyber-resilience protect you?
Our cyber-security packages are only available to our business IT support clients. The reason for this is that to be confident in the security of your networks we need to be the end-to-end solution for those who take cybersecurity seriously. This starts with us providing the right products as part of our IT support packages, which then enable us to deliver on our cyber-defence monitoring and protection plans.
Phase One – Cyber Essentials
All packages start with a Cyber Essentials certification which is part of a UK government scheme (more details on Cyber Essentials can be found here). Depending on the organisation and their IT this may be a Cyber Essentials or a Cyber Essentials Plus certificate. Read our Cyber Essentials Certification blog.
In simple terms, to qualify for Cyber Essentials certification, you must ensure you are compliant in these five areas:
- Secure internet connection.
- Secure devices and software.
- Controlled access to your data and services.
- Protection from viruses and other malware.
- Your devices and software are up to date.
Price-wise, the expense of a Cyber Essentials certificate is a set £350 cost paid to the certification board, plus the time for your IT team to complete the assessment, which involves a questionnaire and an assessor certifying the results. A Cyber Essentials Plus certification, however, involves the certification board physically testing the security of your IT, so the cost will depend on the size and complexity of your IT network. Organisations approaching this themselves without a third-party IT provider will encounter issues:
- An initial outlay in month 1.
- Changes in the business could see you fall out of the scope of the requirements, but you are still technically certified. We believe all businesses should endeavour to remain at a certified level long after their exam day.
Our packages take your Cyber Essentials or Cyber Essentials Plus certification cost, and rather than ask you to pay it upfront, we bundle it into our service and spread the cost over a 12-month period.
On top of this, your business is assigned a dedicated cyber-defence team, who Identify > Protect > Detect > Respond, every day, monitoring all your physical devices, your cloud solutions, and your credentials on the dark web. This team also trains your staff on cybersecurity threats and best practices. But most importantly, your dedicated cyber-defence team will completely secure your IT system to prevent any unwanted access.
Phase Two – Identify and Protect
- What services do you use? For example Exchange Online, SharePoint, Teams.
- When do you use them? For example time of day, weekends, 24/7.
- What devices do you use them from? For example desktops, laptops, mobiles and tablets.
- Where do you use them? For example IP addresses, geo-location.
We spend a considerable amount of time designing, managing, and most importantly maintaining your cybersecurity plan, designing an internal compliance structure which is bespoke for your company.
Quite simply, if access is not required from a specific device type, location and/or IP address, it is restricted. Rather than starting from the viewpoint of “who needs the most access?”, our thought process begins with the question “who needs the least access?”. We restrict as much unnecessary access as possible to minimise the number of possible attack vectors.
Any future IT changes are risk-assessed, documented, and protected, ensuring you are cyber compliant 24/7/365, not just on your exam day.
We also utilise every single software asset you have. Antivirus is constantly monitored and managed, web filtering is locked down as much as required, devices are encrypted, and Mobile Device Management is added where licenses allow. For more information on MDM, please see our blog post on Microsoft Intune.
Phase Three – Detect
A managed Service Operations Centre (SOC) is installed and used to monitor and alert on all of the endpoints identified in phase two. This SOC monitor is added onto every available endpoint, be it a device, cloud asset, password, or service. Any alert raises a ticket with us, which is assigned to one of our engineers. Our SOC runs externally to our clients’ networks, and all monitoring is secured down to the individual IP address.
This advanced security also occurs for your other IT software assets. We monitor your antivirus, ransomware protection, and web filtering systems, raising automated alerts to our team for any suspected breaches.
Finally, we also add any vendor alerting available to us, for example that of the Microsoft 365 Security and Compliance Centre.
Phase Four – Respond
Anything suspicious is immediately flagged up to our cyber team, who address the concern, adding any additional protection required to prevent future events. An example of such an event could be a password leak onto the dark web from a compromised website. In this instance, our cyber team would immediately contact the compromised user and enforce a mandatory password change.
How much will this service cost?
Our cyber package price varies, depending on:
- Whether you are ensuring compliance with Cyber Essentials or Cyber Essentials Plus.
- The number of devices used in the business.
- The number of users in the business.
- The complexity of geo-locations required by the business.
All packages run for a minimum of 1 year, as your Cyber Essentials cost is spread across that term, together with the other services described above. Following year 1, renewals are discounted based on the renewal of Cyber Essentials/Cyber Essentials Plus, which is cheaper to process from an IT perspective.
If you would like to hear more about this service, please contact us today.