Business Cyber Security Predictions for 2023 and beyond

Business Cyber Security Predictions

In this article, we look at Business Cyber Security Predictions for 2023 and Beyond 

_______________________________________ 

If there is one thing we know, Cyber criminals are getting more and more sophisticated with their attacks as the years roll by.

There is not only emotion-led individual attacks, but attacks that go right the way through the supplier chain, that have devastating consequences for businesses.

What’s more, our more recent trends of working from home only enhance the exposure of cyber security threats.

In this article, we look at some three of the top Cyber Security Predictions for 2023 and beyond, and what you need to consider to keep your business safe.

1. Cyber Security Architecture will become a MUST for Businesses. 

According to Gartner’s research, by 2024, “organisations that adopt a cybersecurity network architecture will be able to reduce the financial costs of security incidents by an average of 90%”

So what does that actually mean?

It’s important for businesses to consider their Cyber Security strategy to ensure they use something that is flexible enough to fit in with the changing shape of how we all work. With more people working from home and remotely, traditional cyber security will no longer cut it. Many will need to transition to an improved cyber security architecture.

Top Tip: Audit your Business Cyber Security and how far it stretches.

2. The Human Error will need to be taken control of

Awareness of Cyber Crime starts by arming staff members with the knowledge they need to protect themselves and the business.

Here’s the alarming thing. Research suggests that only 40% of businesses believe their staff have knowledge of business cyber security and the role they play within that. Alarming, right?

Imagine the impact when business cyber security does not extend to remote workers!

Cyber Security, and the part staff play, is going to need to become part of HR processes, and staff training. This will help ensure that human errors are not responsible for large-scale and costly cyber attacks.

Top Tip: Conduct a short employee survey to find out how much staff know about Cyber Security and their role. Let the responses to that survey fuel the staff training strategy that follows.

3. Business Partnership Selection will be based on Low Cyber Security Risk

Gartner’s research suggests this. By 2025, “60% of organisations will have Cyber Security Risk as the primary determinant in conducting third-party transactions and business relationships.”

Is it any wonder when supply chain threats are at an all-time high?

It only takes one weak link to bring the whole chain crashing down.

Is your business is not able to prove its cyber security? This is an area that could prevent meaningful partnerships from getting off the ground.

Top Tip: Understand your partners. Know their views on how important Cyber Security will be to partnership choices in the future. That will give you an idea on how urgent the action is that you have to take.

4. Business Cyber Security will have a more prominent place at the Board table

Did you know that 85% of the jobs that will exist in 2030 do not even exist yet!

When you consider the online world 10 years ago to the present time, the changes are vast. The same will happen again over the next 10 years. And of course, a proportion of that 85% of jobs will be aligned to business Cyber Security over the coming years.

As a business, you should ensure that the Cyber Security conversation has a prominent place at your Board table. Certainly, it should be considered just when the time is right to have a job role that homes in on this must have area.

Top Tip: Add Cyber Security to the agenda now! If you start to make in-roads on this subject, it will make the process a lot smoother as the cyber security world advances.

In Summary:

Cyber Security threats are not going away, and it only takes one wrong turn to be left with reputational damage, hefty costs and business downtime.

If you would like to book a free Cyber Security discussion, so we can audit your current capability, do get in touch.

IT Priorities for SME Businesses

IT Priorities for SME Businesses in 2023

In this article, we discuss SME IT Priorities for 2023, and the 5 necessities for you to tackle in your Growth Strategy.

_____________________________________

As we begin a new year, it’s likely that the last thing you want to think about is your IT.

However, being the IT super-fans that we are, we’d suggest that now is the best time to do this.

With this year set to be another challenging one, what greater way to start than with a clear strategy for the months ahead?

A solid IT strategy is a critical part of your business growth plans for the year, so your IT Priorities are important to get right.

You can’t grow the business unless your technology serves and enhances what you want to do.

Of course, we’re biased. But a powerful IT strategy really is the foundation of moving your business forward. Especially when times are tough.

With the right strategy and implementation plan, your IT will be one of the greatest tools you have working for you.

Perhaps you haven’t created an IT strategy before. Or maybe you have, but your business has outgrown your original plan.

So, where do you start with your IT priorities?

It sounds like a huge undertaking. But with the right advice and guidance, it’s actually a lot simpler than you’d think to create a personalised IT Strategy.

In this article, we’ve listed the 5 most important areas to include, that will help you to form your IT Priorities and Strategy for this year and beyond.

Before we begin, it’s worth noting that your IT priorities and strategy should take into account business goals for the:

• Short-term (let’s say 6 to 24 months)

• Long-term (3 to 5 years)

We’d always suggest that you focus on an IT strategy that has plenty of room for movement. Because as we’ve seen this year, things can change… and quickly.

You and your team must be adaptable in order to survive – no, to thrive – in these tougher times.

1. OUTLINE YOUR BUSINESS GOALS TO GUIDE YOUR IT PRIORITIES

As a successful business owner, it’s likely that you already have clear goals. After all, this is what drives you to keep pushing your business forward.

But it’s also important to consider how your IT infrastructure will accommodate them. Your IT strategy should support and complement your goals.

Here’s some areas to consider:

  1. Sales Targets & Pipeline
  2. Business Partnerships
  3. Acquisitions or Mergers
  4. Different jobs or departments
  5. Growth
  6. Communications

There are many areas to consider, but the core questions to ask yourself for each:

a)  Will my current infrastructure support this?

b)  What needs to change/where are the gaps that my IT priorities need to plug?

c)  Who is impacted and how?

d)  Do we understand the solution required?

2. IDENTIFY YOUR KEY PEOPLE AND IMPACT

You probably already know the key people within your business, but they may not be the same people you make either responsible or impacted by your IT strategy.

The next thing to understand is the gaps in your current capability, so understanding:

1. How your technology is currently used

2. Where the gaps are

3. What is more difficult than it needs to be?

4. Feedback from the team on where it needs to improve

5. Who is impacted

Consider these questions carefully, involving the necessary people in your team.

This will give you a fantastic viewpoint of where your need to put effort when it comes to your IT infrastructure.

The sky’s the limit. Your people should be telling you how they’d love things to work in a perfect world; if there were no limitations on what you’re able to do. That way, you can work to find solutions as close to perfect as possible.

3. REVIEW YOUR CURRENT IT INFRASTRUCTURE

You really need to understand how well your current infrastructure is working, in order to see what improvements (if any) need to be made.

You will have made good inroads with this with the previous two strategic considerations.

Next, think about how you will move this forward:

  • Will you have an internal person or people handling things, or does it make better financial sense for you to partner with an external company?
  • Who will manage liaising with your IT partner?
  • Who does your IT priorities and strategy apply to?

With this important step, overlaid onto the previous two, means you are ready to start creating the plan.

It’s important everyone understands that this step needs some critical thinking.

Remember that each department will have a different take on this, because they will be
using your technology differently, depending on their roles. The key is to find the sweet spot in keeping everyone productive, motivated, and happy.

4. CREATE YOUR IT ROADMAP

This might sound like the hardest step, but creating a roadmap for your new IT strategy is vital.

If you’ve followed the advice with the previous 3 steps. and planned properly, it shouldn’t be too complicated.

There is no harm at all in reaching out to an IT Services Company to support you with this. They will be able to help you look at your overall technological architecture, which includes hardware, software, and other tools your people will be relyingupon.

It really doesn’t matter what company you are; large or small, we all rely on such hardware and software.

Your IT partner should be able to make the appropriate recommendations to fit your requirements. And suggest tools that will all work with each other seamlessly, to save time, money and resource.

It’s worth putting your roadmap and IT priorities into sections, to represent different departments, or functions within your business and the differing technologies they will require.

This will help to give you an overview of how everything will fit together when the time comes for implementation.

5. DEFINE NEW METRICS

While your new IT strategy should work to make your business life easier, it’s also of vital importance that it’s cost effective too.

Again, breaking it down into departments or functions is critical. And we suggest creating new KPIs (Key Performance Indicators) to help you monitor exactly how performance is changing over time.

It’s worth remembering there may be a short period of adjustment for your people. So you may not immediately see the results you’re hoping for if you’ve made some dramatic changes. But it shouldn’t take long for you to notice longer-term improvement.

Creating and tracking a range of metrics will give you a fantastic insight into how well your new technology infrastructure is working for you.

It will also allow you to be more proactive in identifying and solving minor issues as they arise. And importantly, before your team is impacted.

Your choice of strategic IT partner is critical to getting this right when it comes to IT Priorities and Strategies

This might all sound a little overwhelming if it’s not something you’ve done in your business before. However, hopefully you can see the many benefits of creating an IT strategy, as part of your overall growth strategy.

Bring in the experts if it still seems daunting, and you will definitely see improvements to the way you do business.

Lots of businesses trust us as their strategic partner, and we pride ourselves on finding the perfect solution for them.

Book a no obligation 15-minute video call with us if you need to think about your IT Infrastructure for 2021, to make your business and your staff more productive, with less frustration.

Email: hello@1stcs.it

page5image29845456

Company Password Security

Company Password Security: The Importance of Keeping Safe

Including FREE Company Password Security Guide


How seriously are you taking the security of your company passwords? Security is something that is all around us. We lock our cars, our houses and our phones.

Have you ever walked away from your car or house and then gone back to check you locked it, even though you are sure you did?

We alarm our houses. Sometimes we even go back and double check that too!

But what about your company passwords for your work computers?

  • How secure are your company passwords?
  • How secure are your staff’s passwords?
  • How sure are you that no one is sharing their company passwords, or leaving post-it notes of passwords on their computer screens (it happens!)

Now I know Cyber Security is a topic for tech experts but it is also a topic that every business person needs to be involved in, whether you like it or not.

Did you know that in 2021 the most common password in the world was 123456* (and for the previous 2 years).

It can take hackers LESS than a second to crack that password.

We know what it’s like to run a business, and the pressures that are on both the business owners and staff – and trying to remember passwords is another thing that many find difficult to keep control of.

However, if you don’t, then the consequences can be severe, costing a small fortune to rectify. So not taking company password safety seriously is dangerous.

As a business owner you need to ensure that your staff are doing their bit to keep your company safe, and that means your company passwords too.

We’ve put together a FREE Safe Company Password Guide to help YOU keep YOUR business stay safe.

Simply click here.

Happy reading, I hope you enjoy it.

FREE Supply Chain Check

FREE Supply Chain Check

Supply Chain Fraud can happen in a number of ways but we see far too many where the easiest & simplest of things haven’t been done, especially with e-mail & CRM systems. Companies in the supply chain that haven’t enabled Multi Factor Authentication (and often also haven’t enabled Sender Policy Framework or DMARC, so anyone, anywhere can send email as if from them).

A fake internal email from a colleague with a link to ‘an important document’, a fake login page to the shared on-line drive that then gives away the users logon, then use that genuine account to send just one more email in an existing thread, topped & tailed like all those before. This will not be picked up by filtering services … because it is a genuine email, from a genuine mailbox of a genuine supplier and the end user has no reason to believe it isn’t a continuation of a genuine thread.

It is time for companies to test, educate and secure their supply chain as ultimately it is looking after their own interests too. Collaboration to keep all secure and in business.

You would be surprised by what we are able to deduce from a domain name or better still a header from a genuine email – use our FREE Supply Chain Check to test yours.

Microsoft Exchange Critical Vulnerability

Microsoft Exchange Critical Vulnerability

350,000 Microsoft Exchange Servers remain unpatched against a critical vulnerability fixed by Microsoft in February!

If you run an in-house Microsoft Exchange Server simply e-mail us on helpdesk@1stcs.it and from the hidden e-mail header we can tell what version and update of Exchange you are running and advise accordingly.

This is a FREE service to ensure companies are secure against compromise (this bug allows a standard user account to take complete control of the server as an administrative user and from there likely other resources/servers on the network).

Working From Home

Working From Home

We have been busy setting up our clients to enable their staff to work securely and efficiently from home (WFH).

For some that has been implementing firewall changes to prioritise WFH internet traffic over normal traffic. For others who have redundant connections it has been dedicating one purely to WFH traffic.

One design customer, who operate from a beautiful barn but with limited connectivity speeds found they could get 20mb:20mb via 4G. A 4G router has been added to their firewall and dedicated to WFH traffic. As it is only WFH traffic going over 4G the data costs are capped within their SIM contract – “Thanks guys, it’s now just like being in the office!”

If you are struggling to get your staff working securely & efficiently from home with IT or Telephony drop our support team an email. We can then arrange a FREE chat with one of our skilled engineers who will help & advise. helpdesk@1stcs.it

VPN and Working From Home

VPN and Working From Home

If you use VPN (Virtual Private Network) to access your business IT, is it patched, secure and most importantly using Multi Factor Authentication (MFA/2FA)?

In the race to give staff access to corporate systems from home we are hearing of VPN clients being hastily installed on untrusted home computers.

If these machines are compromised by malware the VPN profile can be extracted and the username & password logged – without MFA they can be re-used giving ultra easy access to a hacker.

There are other ways of securely giving ‘air gapped’ access from home computers, but be careful there are many rogue services & software out there just waiting for you to effectively breach your own network!

We would leave VPN connectivity for corporate owned & trusted devices (and still secure with MFA!) and set very tight firewall rules around what servers & services can be connected to over VPN. This also goes for those who expose Remote Desktop Services (aka Terminal Services) directly to the internet, not behind a secure gateway and likely again without MFA – Don’t Do It!

IT Super Heroes

IT Super Heroes

Last week I was put on the spot by a friend of a friend and asked ‘So what’s your company’s USP then Steve?’

I failed at the first hurdle with ‘Err, i guess we’re much the same as many others really’. ‘You’re not very good at this Steve’ came the reply, with a chuckle and a grin, ‘Try Again’.

My 2nd attempt was a little better – ‘Well, err, we care! We genuinely care and want our customers to have the most resilient, secure, scalable infrastructure and staff that are cyber risk aware’.

The next day on the short walk to school I asked my 8 year old Son what our USP is and without hesitation, he nailed it, first time – ‘That’s easy – You’re IT Super Heroes!’ So there you have it 1stCS #ITSuperHeroes

Windows 7 End-Of-Life

Windows 7 End-Of-Life

Windows 7, End of Life January 14th 2020 – Act Now!

If you haven’t yet replaced or upgraded your machines to Windows 10, especially if you are a business, it is essential that you do so now!

The team at 1stCS are here to help. If you need any help or advice please do get in touch on 01329 630018 or helpdesk@1stcs.it

After January 14th 2020, no security updates will be released for the Windows 7 platform, making it increasingly vulnerable over time (many vulnerabilities fixed in Windows 8 & 10 are likely to also exist in Windows 7. Reverse engineering of a fix exposes the flaw and it is then actively targeted, especially on machines that will never receive a fix!).

If you rely on the built in Microsoft Security Essentials (MSE) in Windows 7 as your anti-virus, it has now been announced that that will continue to receive signature updates (but no updates to the software itself). Microsoft originally intended to stop signature updates on January 14th too but have wisely decided to continue providing them as not doing so would have left many even more highly exposed.

The following Microsoft document explains more – https://lnkd.in/dJ5EfvV

Windows Server 2008

Windows Server 2008

Windows Server 2008/2008R2 – End of Life 14th January 2020!

If you haven’t yet upgraded/replaced Windows Server 2008 (Microsoft Small Business Server is built on Server 2008 & Exchange 2010!) you will become more and more vulnerable over time.

There will be no security updates to Server 2008 after 14th January 2020.

This is especially important if your server is exposed on the public internet for services such as Outlook Web Access (OWA), Direct Push Email to mobile devices, Sharepoint or the server itself is used to provide Virtual Private Network (VPN) access to your internal network.

Microsoft Exchange 2010 was due to go out of support on this date too but that has been given a reprieve until October 13th 2020 to give people time to migrate to a newer version or into the cloud. If you are worried, contact our team on 01329 630018 or helpdesk@1stcs.it and we will advise on options suitable for your particular business size, environment & situation.