Cybercriminals are targeting everything from networks to inboxes as they fine-tune their instruments of disruption and destruction.

How strong are your defences?

In last week’s blog post, we looked at digital identity management and why it’s essential to control access to your important assets and sensitive data. Compromised or stolen user credentials (including login names and passwords) are sometimes the only things required for hackers to penetrate business systems. But the most efficient villains in cyberspace are arguably the ones expanding their toolsets, refining their methods, and adapting their strategies. To combat their efforts, you must do the same – and more.

How many times have you seen the words “hacked” and “breached” in news headlines this year? Two industry studies – Microsoft’s latest Security Intelligence Report and Cisco’s Annual Cybersecurity Report – recently documented the most prevalent threats in the digital domain. Malware was highlighted as a growing problem.

A menace in the virtual world

Malware is the term for any kind of malicious software that’s designed to disrupt, harm or gain unauthorised access to a computer system. From the intrusive to the blatantly hostile, malware can take the form of a computer virus or worm, a Trojan horse, or even a piece of ransomware. The program code is created for a specific, nefarious purpose.

Computer viruses and worms were some of the earliest forms of malware. Viruses delete, corrupt, or steal data, and are capable of spreading from one infected computer to another. Worms spread copies of themselves from machine to machine, without any human involvement, and leverage networks to replicate rapidly.

Trojan horse malware masquerades as something else, much like its wooden namesake from Greek mythology. Computers become infected when people download insidious programs or applications disguised as legitimate resources. Trojan horses can be exploited to give hackers remote access to impaired computers, or to record sensitive data through keystroke logging.

Ransomware is an apt name for the type of malware that effectively limits or blocks access to files, folders, or systems until a ransom is paid. In some of the most prominent cases last year, cybercriminals encrypted, stole, or threatened to publish sensitive data belonging to banks, law enforcement agencies and corporate institutions unless they received hefty sums of money.

Malware is a formidable weapon in an attacker’s arsenal, but it’s certainly not the only one. Have you done enough to protect your network from sophisticated security threats?

Effective security is a team sport

You’ve heard that proverb about chains and weak links, right? We’d argue that the same applies for networks and people… The security of your network depends, in part, on the people connected to it. And if those people are ignorant about best practice, or complacent about passwords, or nonchalant about the perils of cyberspace, then your system could be vulnerable.

In modern enterprises, networks are often the foundations of all digital architecture. From enabling communication to supporting software and applications, networks are critical pathways for productivity. And that means they need to be protected – from internal and external threats. Creating a culture of awareness within your organisation is an important step. Get your employees involved by educating them about the latest cyber threats (especially those associated with the tools they use every day, like email) and the importance of people-centric enhanced security measures (like multi-factor authentication for account logins).

If your people are informed and aware, then they’ll be better equipped to identify and report any unusual or suspicious network activity. Early detection is critical in any threat scenario, and your IT staff would likely welcome business-wide vigilance.

Is your business challenged around cyber security and identity management? BUI’s experts have in-depth knowledge and experience across several next-generation solutions that are redefining the way the world looks at information security. Ask us about cyber security consulting, penetration testing, and vulnerability scanning. We’ll help you strengthen your security posture.

BUI is an official Microsoft Partner in South Africa, and an award-winning leader in identity and security solutions.

August 15, 2018
admin

You Can’t Afford To Be Complacent About Cybersecurity

Our commitment to ensuring business continuity – even in the face of disruption – has been recognised by the British Standards Institution.

We’re proud to announce that we have earned ISO 22301 certification after a rigorous independent evaluation by the British Standards Institution last month. The ISO 22301 badge is recognised internationally and sets the standard for Business Continuity Management Systems.

“This certification highlights the strength of our company’s business continuity strategy,” says Gayle Roseveare, our Chief Operating Officer (COO) here at BUI. “It proves to our staff, partners and customers that we’re prepared for any eventuality – and that we’re able to serve and support the people who rely on us, no matter what. Our ISO 22301 badge represents our commitment to effective risk management, organisational resilience, and reliability – even in the face of disruption,” notes Roseveare.

What is ISO 22301?

Developed by the International Organisation for Standardisation, ISO 22301 lays out a framework to help companies like ours create, implement, and maintain a comprehensive business continuity management system (BCMS). The main aim is to ensure that companies are protected against unforeseen business challenges and equipped to respond and recover when such events do occur.

“BUI is a global company with offices in East Africa, South Africa, the United Kingdom and the United States,” says Roseveare. “On any given day, our teams are provisioning cloud infrastructure, monitoring and securing digital environments, and delivering a wide range of IT services to customers. We operate around the world and around the clock – and we have to be able to do so continuously. Whether there are power outages in South Africa or internet connectivity issues in Europe, we need to ensure we can deliver uninterrupted services to our customers. Our ISO 22301 certificate validates our planning for disruptive incidents and disasters.”

Why is ISO 22301 certification important?

“In an unpredictable business climate, it pays to be prepared,” explains Dhiren Boodhia, our Group Governance and Compliance Manager. “And that goes double for service providers like us. To earn our ISO 22301 certificate, we had to demonstrate that we have a thorough BCMS in place; that the staff in our various offices understand the BCMS and the processes required to sustain it; and that we are focused on maintaining business continuity and sustainability regardless of market uncertainties and challenges. I think the ISO 22301 badge is an important differentiator – especially when customers are looking for a steadfast technology ally that is as dedicated to legal and regulatory compliance as it is to protecting the business resources of the organisations it works with,” he says.

For customers who choose to partner with BUI, there are five key benefits, adds Boodhia.

Consistency. ISO 22301 emphasises the importance of consistency when it comes to best practices and business processes. “We’ve been assessed on our capabilities around risk assessment and impact analysis as well as our strategies for mitigating disruptions. Our teams excelled in every area – and that means our customers can expect the highest standards of service and care from everyone at BUI,” says Boodhia.
Data protection. With the cyber threat landscape evolving so quickly, data privacy and data security are critical considerations for customers. “ISO 22301 includes extensive conditions for data protection and data recovery,” notes Boodhia. “Our ISO 22301 badge, together with the ISO 27001 certification we achieved for our commitment to information security management, should give our customers even greater confidence: we handle all data respectfully and safely.
Faster recovery. “ISO 22301 requires us to have a holistic strategy in place to deal with disruptions and disasters. It also mandates a detailed recovery plan to ensure that downtime is minimised – for our company and for the business organisations we serve,” says Boodhia. “BUI customers can be assured that, in the event of an issue, our teams will follow a step-by-step framework to resolve the problem as quickly as possible.”
Greater compliance. By achieving ISO 22301 certification, BUI has met the global benchmark for business continuity management, adds Boodhia. “Many of our customers operate in highly regulated industries, like financial services and healthcare, and they must adhere to their own standards in terms of the services they provide to their clients. BUI is committed to maintaining essential functions during adverse circumstances – and that’s a big plus for customers who have strict compliance obligations.”
Peace of mind. ISO 22301 calls for certified organisations to update and improve their business continuity processes to ensure that their strategies remain current, relevant, and effective. “We’re obligated to adapt and enhance our BCMS plan as our company grows,” explains Boodhia. “It’s good news for our customers because it means we’re always prepared. Whatever happens, the BUI services and solutions that so many businesses utilise every day will be available.”

Our commitment to your success

ISO 22301 may be our newest certification, but it’s also a testament to our unwavering focus on our customers, notes our COO. “To be a dependable, reliable technology partner, you need to anticipate the challenges you’re going to face and then take the necessary steps to ensure that you can address those challenges as soon as they arise. We’re being proactive today so that we’re ready for tomorrow – and always on hand to help our customers be productive, secure, and resilient,” Roseveare concludes.

Do you have a disaster recovery plan in place?

Our experts can help you craft a comprehensive backup strategy aligned with your business structure, your IT resources, your budget, and your goals.

Contact our team to arrange a discussion today.