Download PDF

Mar 2024

Life’s a breach – saying goodbye to cyberattacks

Life's a Breach was an exciting event we hosted in association with ALARM.

Categories Cyber Essentials and ISO 27001, Cyber Resilience, Cyber Security Strategy, Software Delivery & Consultancy

Stewart Hogg

Associate Director - Cyber

Linkedin

https://www.linkedin.com/in/stew-hogg/

The event brought together industry experts to discuss the latest trends and strategies for protecting sensitive data. With multiple speakers throughout the day, each one added a wealth of expertise in cybersecurity, providing valuable insights and solutions for all attendees.

 

How to build robust cyber security

The day began with an insightful talk by Stewart Hogg (Associate Director for Cyber). Stewart explained the importance of robust cyber security to protect sensitive data and with one in three businesses suffering a cyber breach/attack in 2023, Stewart highlighted some important stats which brought home the importance of building up cyber resilience, including how only 29% of organisations have completed cyber risk assessments.

Of course, none of this really makes a difference if you don’t know the basics. So here are Stewart’s five top tips for building robust cyber security:

  1. Establish a cyber vision

  2. Build the human firewall

  3. Build your cyber resilience

  4. Plan to respond and recover

  5. Establish strong partnerships

How can you prevent cyberattacks?

Our next session was given by our Head of Security Operations Jessica Hall. Jessica covered the different types of cyberattacks and the potential causes behind them, such as no EDRs, legacy authentications enabled, and a lack of resources to monitor alerts.

As well as gifting us with her knowledge on cyber security, Jessica went on to cover a few best practices for preventing these attacks, including, backing up servers, disabling legacy systems and protocols, access updates, permissions checks and patching.

GDPR with Simon and Andrew

Next on the agenda were Simon Holroyd (Senior Information Security Consultant) and Andrew Buckingham (Lead Software Consultant) to talk all things GDPR.

The pair spoke about the enforcement of the regulation and the challenges facing organisations with getting to grips with it. These included the limited documentation provided by organisations and the lack of understanding around ‘lawful bias.’ But with that Simon and Andrew provided more helpful solutions to solve these problems, including:

  1. Data protection impact assessments

  2. Records of processing

  3. Asking your DPO for processing activities

  4. Enforcing data deletion schemes

Vulnerability management with Craig Archdeacon

Our Head of Cyber Assurance, Craig Archdeacon, brought forward the importance of penetration testing and vulnerability management. His talk offered some useful demonstrations of how easy it can be for hackers to hack your systems if you are not properly protected.

Not only can anyone with access to the web become a hacker, but with the world of technology growing, Craig explained how there are now even more ways for hackers to gain access to your systems. Therefore, regular testing and management of vulnerabilities is more important than ever.

For a more in depth look at how you can prevent cyberattacks take a look at our recent article Little and often: safeguarding business fortitude through strategic vulnerability management.

Using AI safely with Azad Hajiyev

Next our Principal Security Consultant took to the mic to discuss AI and its presence in our lives, whether we like it or not.

From a cyber security perspective Azad explained the importance of understanding the risks of AI such as deepfakes, social engineering and bias, as well as how AI can benefit fit us. AI comes in many forms and like any new technology, it is important for organisations to understand how it works so that you can be prepared for emerging cyberattacks.

Cyber resilience with Neil Robertson

Our CISO Practise Lead brought forward a cyber resilience framework to build proportionate cyber defences.

Neil Robertson talked through the Government cyber security strategy along with the Cyber Assessment Framework to help organisations manage, defend, detect, and minimise cyberattacks on their systems. These frameworks allow you to build proportionate defences that are effective and aligns with other cyber standards.

Managing environmental risks with John Airey

John Airey (Head of Advisory Consulting) then brought us up to date with how we can manage environmental risks in an ever-changing environment.

John provided a starting point and a helpful guide to help organisations improve and manage their environmental impact. No matter the size of your organisation, we all have an impact on the environment and the tools provided here by John will help you to monitor these impacts and mitigate them.

Here is John’s step-by-step guide on how to manage environmental risks as an organisation:

 

Stay safe out there!

Whether you are a small or larger organisation, your data is important and worth protecting, so make sure you stay on top of your cyber security.

For more information on how we can help you with your cyber security, browse our page on Cyber Security Services or get in touch at cyber@waterstons.com.