Vulnerability Management Guide

We’re often asked ‘why would a cybercriminal target our business?’. The reality is every organisation has something a threat actor can benefit from, so the more relevant question is, ‘how easy would it be for a cybercriminal to target our business?’.

Like many situations in life, cybercriminals tend to take the path of least resistance and pick the low hanging fruit. Any business that displays public facing technical vulnerabilities will be their first port of call. By using readily available scanning and reconnaissance tools to scope the security health of websites, applications, wireless networks, firewalls, etc, they will focus on weakness. In fact according to Forrester, 41% of successful cyber breaches are down to a technical vulnerability being exploited.

Rightfully, Saepio classifies vulnerability management as a Security Essential. To prevent exploitation of technical vulnerabilities, the following steps should be taken:

  1. Create an inventory of all IT systems and devices on your network
  2. Identify which are critical and hold your digital crown jewels
  3. Understand where technical vulnerabilities exist
  4. Assess the level of risk associated to each vulnerability
  5. Prioritise remedial action, for example patch vulnerabilities in a timely manner based on system criticality and level of risk.

The technology aspect is an important component, the better the product, the easier it is for the IT team to address the vulnerability management process. The market leading tools not only know how to highlight all the vulnerabilities that exist, but categorise them in order of risk severity and automate the remediation/patching process. This means policy is better enforced and reduces the time burden on IT resource.

As always, the Saepio team are on standby to discuss this subject and any other cyber security challenges.

How to recover from a cyber attack

More companies are falling victim to cyberattacks as a wide range of harmful software, social engineering schemes and scams threaten to compromise the personal information and online safety of their clients. With cybercrime rates on the increase every year, it is important for businesses of all sizes to have a recovery plan in place to mitigate any losses.

In the unfortunate event of a data breach, these are the steps you should take to recover.

Read more in our How to recover from a cyber attack guide.

Saepio's Guide to Malware Prevention

It’s fascinating how many endpoint devices being protected by established AV providers fall victim to cyber-attacks.  At least Ransomware lets you know you’ve been compromised, unfortunately there’s many malware variants that sit silently and hide while propagating across the network, creating a foothold before striking.  In fact the average dwell time of a cyber breach is over 120 days!  Can you be sure there are no existing infections across your estate?

Read more in Saepio’s Guide to Malware Prevention.

Ransomware Protection Guide

It’s our job at Saepio to understand the latest tactics of miscreants in the cyber world and deliver appropriate protection to our customers. Presently, the most successful widespread and targeted attacks involve intelligent exploits to deliver malware often in the form of ransomware payloads.

Statistics show that 50% of organisations have experienced an infection and in 40% of cases the ransom is paid. It’s a profitable industry, therefore booming. Saepio offer objective advice and effective solutions to combat these threats.

Read more in our Ransomware Protection Guide.