Connecting to LinkedIn...

W1siziisijiwmtuvmdqvmtuvmdgvntqvmzgvnzi1l01ptlrbu0hfqkxpr19vtljftkrfukvex0lnqudfx3jlc2l6zwrfyw5kx3jlbmrlcmvklmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Blog

Cyber Security – 'Cyber Essentials' scheme aims to reduce threat vulnerability

8/10/2014 by

W1siziisijiwmtqvmtavmjgvmtuvmtavmdmvnzqyl2zpbguixsxbinailcj0ahvtyiisijywmhg0mdbcdtawm2uixv0

A new cyber security standard for IT firms and other leading organisations in the United Kingdom has been set out this week aimed at protecting them from the most prevalent types of threats associated with the internet, online systems and other digital services. 'Cyber Essentials' is designed to build a platform for 'basic cyber cleanliness' using five controls to significantly reduce a company's vulnerability to a breach. The scheme is already proving popular with prominent IT Corporation Hewlett-Packard. It is demanding that its entire supply chain adopt this scheme as the emphasis on protecting vital information becomes greater due to the impact of hacks and viruses on profitability and business continuity.


A recent study by the Department for Business Innovation and Skills (BIS) revealed that over a third of cyber security incidents during the last 12 months were classed as serious and involved a loss of customer data, malicious activity or website hacking. The government is now urging organisations in sectors such as Data Analytics and Architecture & Strategy (where personal information and sensitive data is handled) to adopt the industry-endorsed security certification. Cabinet Office Minister Francis Maude revealed, “It's vital that we take steps to reduce the levels of cyber security risk in our supply chain. Cyber Essentials provides a cost-effective foundation of basic measures that can defend against the increasing threat of cyber attack. It is accessible for businesses of all sizes and sectors to adopt.”


Mobile applications pose the next security problem for organisations. Gartner, a leading market researcher, has predicted that the majority of apps will fail basic security tests throughout 2016. The lack of security protocols could be devastating for businesses as their networks, corporate data and enterprise security policies will all be vulnerable due to employees accessing assets and performing business tasks using mobile apps. This problem is likely to be exacerbated by the increasing adoption of mobile computing strategies according to Gartner's principal research analyst, Dionisio Zumerle. He added, “today, more than 90 per cent of enterprises use third-party commercial applications for their mobile BYOD strategies, and this is where current major application security testing efforts should be applied.”


The emergence of new security tests based on behavioural analysis, which can detect malicious activity by monitoring apps and the GUI, is just one of the ways in which threats can be reduced along with an adjustment of current SAST and DAST vendors to cater to mobile technologies. However, it will also require an increased awareness by both enterprise users and businesses themselves to improve cyber security in the long term.

This blog has been written by Jack Skinner - Cyber Security Consultant. To find out more or to have a detailed discussion you can contact Jack on:+ 44 (0)20 7014 0230 or send an email to jacks@montash.com

Montash is a multi-award winning, global IT recruitment business. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy & Technologies, Demand IT and Business Engagement, Digital and E-commerce, Leadership Talent, Infrastructure and Service Delivery, Project and Programme Delivery.

Montash is headquartered in Old Street, London, in the heart of the technology hub. Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.

comments powered by Disqus

Social Stream

Latest News

W1siziisijiwmtcvmdkvmjkvmdgvmtmvmjkvmjgyl1vudgl0bgvkigrlc2lnbiaomjuplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Are PSLs a Blocker or an Enabler?

2017-10-02 11:00:00 +0100

The use of a Preferred Supplier List (PSL) was intended to support and strengthen relationships and performance between organisations and their third party suppliers. As the technical landscape continues to evolve at rapid rate recruitment and demand for new skills becomes more intense. Are PSLs still the solution or an obstacle to sourcing the right talent? The traditional PSL A dedicated list of partners intended to guarantee quality and availability ...

W1siziisijiwmtcvmdkvmjevmdgvndmvmduvmtmxl1vudgl0bgvkigrlc2lnbiaomjmplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Why do we punish the victims of hacking?

2017-09-21 09:00:00 +0100

Hacks occur every 39 seconds, with 95% of them targeting governments, retailers and the tech industry. If the hackers are caught, they'll face prison time under the Computer Misuse Act. More often than not, the businesses who are victims of those attacks expose themselves to punishment of their own. The laws that determine the duty of protection owed to businesses and their customers is both vague and broad, making them question just how much protection...