Hi,
I recently got in touch with on of our most valued partners, ESET, who have very generously written a guest blog for us on the importance of having the best possible security - something ESET is a master in. Give it a read and get in contact with us to tell you what you think!
ESET has an extensive award winning history, winning our first VB100 in 1998, earning 60 by 2010 and being awarded a unique award for 10 years of VB100 executive awards in 2013. We also have an extensive research presence, most recently helping to shut down the Mumblehard botnet.
We pride ourselves on working closely with our partners, like Yellowbus, whether it’s providing marketing materials, having a presence at events, performing technical and sales training, or in any other way we can help.
Big data breaches have been grabbing a lot of headlines recently. It’s not uncommon to see “millions of user’s vulnerable” or “business loses users’ personal information”.
What we see less of, but is potentially even more frightening, is how malware can affect companies who don’t necessarily hold a great deal of public data.
Generally speaking data is the primary target when trying to breach a business because customer data, sales information and other privileged data is the life-blood of any business and has inherent value.
What about when it is not the main target or not the target at all? Although highly specific we shouldn't forget the effect that an infection could potentially have on the actual systems of a large industrial facility or power plant.
Stuxnet, discovered in June 2010, caused havoc throughout Iranian Nuclear centrifuges and although it seems to have been highly targeted, there are still lessons to be learned.
One of those lessons is remembering that if part of your power plant, office, home, or other premises uses a computer system of any kind it can, with the right know-how, time and determination, be targeted and infected: it’s always safe to assume the worst and take adequate measures to be as safe as possible.
This safety may be as simple as disconnecting from any external network and strictly vetting anything that connects to your internal network but increasingly everything is growing more interconnected.
You need to take steps to make your network as air-tight as possible. A multi layered approach is key: active anti-malware scanning, encryption, firewall, distinct levels of access and permissions and user education are a good start.
This is the case with any business whether you’re a one-man-band in your home office, small local business, a huge multinational, or a utilities provider. Cyber security is not a luxury, it is a necessity.
As Mark James, ESET IT Security Specialist, puts it:
“With so many attack vectors available for the cyber-criminal these days it’s important to at least do your very best to make things as hard as possible for them. You are never going to be 100% safe but there is plenty you can do to protect yourself.
“IT is used in almost everything we do these days from smartphones to withdrawing cash from an ATM, everything is automated and this includes how your energy is supplied to you.
“The backbone to every business should be a secure IT infrastructure that is maintainable and capable of evolving as new threats are found, good internet security, user education and data monitoring is an absolute must.
“But even having all the automation won’t necessarily protect you, your weakest link will be the user so it’s imperative they are educated on existing threats and kept up to date on new emerging techniques.”
