We live and breathe security at Saepio, so it’s quite fascinating for us that most new organisations we speak to have not conducted a Cyber Risk Assessment. The 2021 UK Gov cyber survey states only 34% of businesses have. For those that haven’t, it’s difficult for them to know how ready they are to respond to a cyber attack.
When Saepio are interviewing senior executives during the risk assessments we conduct, the most common concern is the threat of Ransomware and the organisation’s ability to quickly recover. The National Cyber Security Centre’s (NCSC) Cyber
I’m glad to see that UK companies of all sizes, and across all verticals, are starting to take Cyber Security more seriously. More organisations are looking at best practice guidance, and frameworks such as Cyber Essentials, ISO27001 or the NCSC CAF.
Areas common to those three standards, are to look into the technical vulnerabilities they might face, and how good vulnerability management and patching is a cornerstone of foundational security. Understanding the importance of human vulnerabilities is also on the rise, how to educate your staff, and
Working in the solutions team at Saepio I’m always amazed at the quantity and quality of intelligence and research that our vendor partners and customers alike conduct and share with the community. 2021 dealt a low blow to already exhausted incident response and forensics teams after dealing with a myriad of attacks of 2020. The Microsoft Exchange ProxyLogon CVE-2021-26855 was a mass attack that leveraged four separate vulnerabilities and led to anyone with an on-premise exchange server scrambling to mitigate risks.
One of the main features of this campaign was the relentless