UK SMBs lead the way in security investment, says Datto UK SMBs are less likely to have experienced downtime due to a cyber security issue than their counterparts globally and also have the lowest cost of downtime, according to the 2022 State of Ransomware Report from Datto, a Kaseya company. When asked about downtime during their most recent cyber security issue, 18% of UK SMBs stated that they didn’t have any, compared to the global average of 12%. In addition, the average cost of downtime for a UK company was almost half the global average – £53k compared to £103k. Datto suggests that this could be because UK SMBs are more likely to have implemented security solutions such as anti-virus (74% vs. 57% globally), email/ spam protection (66% vs. 53% globally), file backup (64% vs. 49% globally), managed firewall (62% vs. 49% globally) and cybersecurity training for employees (50% vs. 43% globally). On the downside, the UK has higher than average ransom requests of £16,500, compared to a global average of £12,500. The types of data most commonly encrypted in ransomware attacks in the UK are private cloud data (53% vs. a global average of 48%), followed by SaaS (30%) and PCs (30%). The last two are lower than the global average of 38%, probably due to the investment SMBs have made in the security tools mentioned above. This year, the top security investment priorities for UK SMBs are cloud security (52%), network security (47%) and cyber insurance (32%). www.datto.com ······ Cost of living crisis causing sleepless nights for security chiefs Nine out of ten cyber security decisionmakers in companies with 250+ employees stay awake at night worrying about their organisational security. According to a survey by CSI Ltd, their main concerns are a lack of cyber security skills (30%), limited resources within the IT team (29%), old IT infrastructure (27%) and the risk of third party suppliers leaving them vulnerable to a cyber-attack (25%). Three quarters (78%) believe the costof-living crisis increases the risk of a cyber attack. Leyton Jefferies, Head of Cyber Security Services at CSI Ltd, said: “The cost-ofliving crisis is very attractive for threat actors looking to prey on victims who may be more vulnerable than normal. Criminal opportunists understand that resources are increasingly being squeezed and constrained and employees may be less diligent about clicking on links. Unfortunately, it presents the perfect landscape for them to thrive.” CSI recommends the following security controls alongside an employee education programme: n Immutable backup and disaster recovery. Organisations should regularly perform immutable backups and be able to deploy to production servers immediately in case of a ransomware attack or other data loss. n Endpoint detection and response (EDR). Install antivirus solutions to protect endpoints against malware, viruses and other attacks. n Managed detection and response (MDR). Using a cybersecurity service that combines technology and human expertise will provide more effective threat hunting, monitoring and response. The main benefit of MDR is that it helps identify and limit the impact of threats without the need for additional staffing. n Security Orchestration, Automation and Response (SOAR). This streamlines security operations in three key areas: threat and vulnerability management, incident response and security operations automation. n Patch management. Consistently implement patches and updates. n Multi Factor Authentication. Use MFA to verify a user’s identity before allowing access. www.csiltd.co.uk ······ Reliance on third parties due to hybrid working putting security at risk Only half (49%) of organisations have sufficient budget to meet their current cybersecurity needs, according to a survey of IT and security professionals in the US and EMEA by the Neustar International Security Council (NISC). One in 10 (11%) say they can, at best, protect just their most critical assets. More than two thirds (69%) of respondents are concerned that budget constraints are limiting the use of new strategies, technologies and implementation practices, with 33% expecting their cybersecurity budget to stay the same or decline in 2023. A large majority of survey participants (85%) say that hybrid working has increased their organisation’s reliance on third-party providers for outsourcing staff and resources. Of these, 78% believe the development has left them more exposed to distributed denial-of-service (DDoS) attacks (cited by 22%), system compromise (20%) and ransomware (18%). Carlos Morales, Senior Vice President of Solutions at Neustar Security Services,said: “With mounting budget pressures, IT and security teams are once again being asked to do more with less, which will likely accelerate the adoption of service-based offerings that allow NEWS 01732 759725 04 NEWS Stratospheric Platforms Limited (SPL) has received investment from PT Profesional Telekomunikasi Indonesia (PROTELINDO), the largest telecommunication infrastructure company in Indonesia, as it seeks to raise £130 million to deliver airborne antenna services globally. The UK-based company aims to provide 5G network coverage from the stratosphere using hydrogen-powered High Altitude Platforms (HAPS). These unmanned aircraft each have a phased-array antenna designed for standard LTE/5G smartphones capable of delivering direct broadband connectivity to users over an area of 15,000 km2 with connection speeds of up to 200 Mbps. HAPS offer seamless integration with terrestrial networks and tower operators, extending connectivity to hard-to-reach areas without the requirement for large capital expenditure associated with terrestrial roll-outs. 1 Datto SMB Cybersecurity for MSPs Report eBook Datto SMB Cybersecurity for MSPs Report continued...
RkJQdWJsaXNoZXIy NDUxNDM=