Basic CyberSecurity covers many of the digital security issues that smaller SMEs need to confront. However, organisations which:
may well require more advanced levels of protection.
Here we outline the following resources that are designed to help those organisations which face greater levels of threat:
For added protection, we suggest that you also consider taking out suitable insurance.
If your organisation faces a high Cyber threat level, the UK Government's 10 steps to CyberSecurity provides a good starting point to assess that risk and the system of protection that you have in place.
See: the video explaining the 10 Steps to CyberSecurity.
These 10 Considerations are as follows:
Take a risk-based approach to securing your data and systems.
Collaboratively build security that works for people in your organisation.
Know what data and systems you manage, and what business needs they support.
Design, build, maintain and manage systems securely.
Keep your systems protected throughout their lifecycle.
Control who and what can access your systems and data.
Protect data where it is vulnerable.
Design your systems to be able to detect and investigate incidents.
Plan your response to cyber incidents in advance.
Collaborate with your suppliers and partners.
The NCSC's Cyber Essentials programs help you to guard your organisation against cyber-attacks. They help you guard against the most common threats and demonstrate your commitment to CyberSecurity.
There are two levels of certification:
The NCSC's self-assessment option gives you protection against a wide variety of the most common cyber attacks. This is important because vulnerability to simple attacks can mark you out as target for more in-depth unwanted attention from cyber criminals and others.
Certification gives you peace of mind that your defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.
Cyber Essentials shows you how to address those basics and prevent the most common attacks.
The Cyber Essentials readiness toolkit. Your responses to the questions in the toolkit help create a personal action plan to help you move towards meeting the Cyber Essentials requirements.
Cyber Essentials Plus still has the Cyber Essentials trademark simplicity of approach, and the protections you need to put in place are the same, but for Cyber Essentials Plus a hands-on technical verification is carried out.
The NCSC's Cyber Essentials Partner the IASME consortium can help you to get certified.
Why should you get Cyber Essentials?
If you would like to bid for central government contracts which involve handling sensitive and personal information or the provision of certain technical products and services, you will require Cyber Essentials Certification. More information is available on the gov.uk website.
For more information on Cyber Essentials and how you can qualify - see the next section: CyberSmart - CyberSecurity Made Easy.
CyberSmart - Simple, affordable CyberSecurity for SMEs. CyberSmart makes CyberScurity easy. Their automatic compliance platform makes sure your business meets recognised security standards, mitigating 98.5% of attacks all in a few clicks.
Work safely from anywhere. You need to be sure that employees’ devices are up-to-date, correctly configured and password protected. Without this, your data could be at risk. CyberSmart Active Protect checks laptops and mobiles for the key security requirements, reports on any problems, and gives you the tools to fix them – all delivered in simple, jargon-free language.
CyberSmart also helps you reach: CyberEssential, CyberEssentials Plus and GDPR Readiness security levels within 24 hours. (As part of Active Protect, you’ll also receive access to the CyberSmart Academy – simple, bite-sized training to help your staff develop the skills they need.)
To have a no obligation chat about your requirements and how CyberSmart could help, please feel free to: use the chat service on CyberSmart's web page, or contact Sam Greig by email or by phone +44 (0) 203 514 7577 with any questions you may have. (N.B. Quote "TRADETECH" for 10% off any product offering.)
CyberSmart's solutions include 4 key modules:
Click here for pricing starting at £6.00 a month
N.B. Don't forget, for 10% off any product offering, just use the promotional code “TRADETECH”. (This offer expires on 31st March, 2023.)
CyberSmart also offers Cyber Insurance. When a UK-domiciled organisation with a turnover under £20m achieves self-assessed certification covering their whole organisation to either the basic level of Cyber Essentials or the IASME Standard, they are entitled to opt in to £25,000 of cyber insurance, terms apply.
CyberSmart also provides an extensive Knowledge Base covering:
CyberSmart's blog covers even more CyberSecurity related: tips, suggestions, explanations and advice.
Free End of Year Email Trial Offer
This offer is not available on Darktrace's website - if you are interested please contact Christian Portz directly.
A few key points re: the email trial:
Some of the things (amongst others!) that Darktrace identifies:
See below, Antigena Email_ Product Brief.pdf, and Antigena Email_ Product Brief.pdf for further information about Darktrace's services.
Artificial Intelligence - Advanced Protection by Darktrace. As mentioned in the Introduction, larger more complex organisations will require more sophisticated security solutions. This then raises the question "what does my organisation need?" This not only requires an analysis of your current infrastructure and its current requirement - but also an assessment of what future threats will you face?
If your organisation’s IT security team struggles from lack of manpower and visibility, and could benefit from state of the art AI protection from the likes of zero-day ransomware, insider threat, data exfiltration, phishing emails, social engineering and beyond, Darktrace may well be the answer to your security needs.
Darktrace uses Self-Learning Artificial Intelligence (AI) to build an understanding of your unique business. This enables the AI to autonomously detect, investigate, and respond to novel and sophisticated threats across your digital ecosystem - without the need for human input or fine-tuning.
Darktrace learns about your organisation by observing how users, devices, and applications typically behave, forming patterns and continuously revising its understanding in light of new evidence. This enables Darktrace to understand your organisation's "normal" - and therefore able to detect subtle signals of malicious activity as it appears.
Darktrace stops ransomware in seconds.
Because Darktrace learns your business, not the breach, it knows how to contain only the malicious activity, avoiding the unintended disruption of normal business operations.
Ransomware is the number one threat vector that Darktrace AI responds to with its Automated Response capability. In addition, Darktrace for Email provides the first line of defence for ransomware by identifying spear phishing attacks before they reach you.
Darktrace Immune System For SME’s Empowers Small Security Teams, allowing even the smallest security team to protect their dynamic workforce from the most sophisticated threats.
See: Darktrace for Small & Midsize Businesses
Darktrace and Microsoft have partnered to help organizations enhance their cyber security across multi-cloud and multi-platform environments. Darktrace complements Microsoft's security with self-learning AI that detects and autonomously responds to novel cyber-threats that evade other defences.
See: Darktrace & Microsoft: Securing the Future of Work Together.
Darktrace’s Antigena Email has been voted #1 on Gartner for both integration and overall capability for >1 year.
94% of cyber-threats originate via email, and legacy defenses at the border continue to fall short. Yet whenever Antigena Email and legacy defenses are deployed in the same environment, Antigena consistently neutralizes external threats and data loss that evade email defenses at the border.
Darktrace offers a free 30-day trial process, where the AI can be deployed over email / network / endpoint / cloud / SaaS – or the whole lot, depending on where you’d like increased visibility and protection.
As an added benefit, during the trial you’d have access to Darktrace’s own in-house SOC (120 analysts between Singapore, San Francisco and Cambridge) – a huge asset in terms of protection for your organisation, and an excellent opportunity to observe the value-add; whilst bolstering your own environment’s security.
See: Antigena Email and Protecting the Dynamic Workforce for more information about running your free trial.
See: Darktrace's YouTube Channel for a host of short videos covering all aspects of CyberSecurity.
The first rule with regard to potential legal exposure is: do not create legal problems for yourself e.g.:
LawBite can work with you to ensure that you comply with the law with regard to: