A new cyber security standard for IT firms and other leading organisations in the United Kingdom has been set out this week, aimed at protecting them from the most prevalent types of threats associated with the internet, online systems and other digital services. 'Cyber Essentials' is designed to build a platform for 'basic cyber cleanliness' using five controls to significantly reduce a company's vulnerability to a breach. The scheme is already proving popular with prominent IT corporation Hewlett-Packard, which is demanding that its entire supply chain adopt it as the emphasis on protecting vital information becomes greater due to the impact of hacks and viruses on profitability and business continuity.
A recent study by the Department for Business Innovation and Skills (BIS) revealed that over a third of cyber security incidents during the last 12 months were classed as serious and involved a loss of customer data, malicious activity or website hacking. The government is now urging organisations in sectors such as Data Analytics and Architecture & Strategy (where personal information and sensitive data are handled) to adopt the industry-endorsed security certification. Cabinet Office Minister Francis Maude revealed, “It's vital that we take steps to reduce the levels of cyber security risk in our supply chain. Cyber Essentials provides a cost-effective foundation of basic measures that can defend against the increasing threat of cyber attack. It is accessible for businesses of all sizes and sectors to adopt.”
Mobile applications pose the next security problem for organisations. Gartner, a leading market researcher, has predicted that the majority of apps will fail basic security tests throughout 2016. The lack of security protocols could be devastating for businesses, as their networks, corporate data and enterprise security policies will all be vulnerable due to employees accessing assets and performing business tasks using mobile apps. This problem is likely to be exacerbated by the increasing adoption of mobile computing strategies, according to Gartner's principal research analyst, Dionisio Zumerle. He added, “Today, more than 90 per cent of enterprises use third-party commercial applications for their mobile BYOD strategies, and this is where current major application security testing efforts should be applied.”
The emergence of new security tests based on behavioural analysis, which can detect malicious activity by monitoring apps and the GUI, is just one of the ways in which threats can be reduced, along with an adjustment by current SAST and DAST vendors to cater to mobile technologies. However, improving cyber security in the long term will also require increased awareness on the part of both enterprise users and businesses themselves.
This blog has been written by Jack Skinner - Cyber Security Consultant. To find out more or to have a detailed discussion you can contact Jack on: +44 (0)20 7014 0230 or send an email to firstname.lastname@example.org