Y
web presence or making changes■ AppCheck would like
to their IT architecture, this leavetos offer readers a free
SME TOOLKIT
Taking action to prevent cyber-attacks
APPCH ECK: Why cyber-security is as
important as ever as hackers step up their
attacks during the pandemic.
ou would hope that
hackers would take a
break during a global
pandemic. However,
with many companies
changing the way their
employees work, increasing then-
FREE
CYBER-SECURITY
ASSESSMENT
doors open and creates areas of
weakness. Indeed, statistics reflect
that cyber-attacks have risen 37
per cent in the last few months.
With the introduction ofGDPR
rules and fines, many high-profile
attacks have brought companies,
both large and small, into the
spotlight regarding their security.
When we think ofcyber-attacks
our minds often flash to larger
corporations and massive data
leaks for millions of customers,
but these arejust the ones we
see reported in the news. In fact,
a 2019 report found that 43 per
cent ofbreaches involved small
business victims.
The statistics are clear -
despite increasing maturity of
security controls, external web
applications continue to be a
lucrative route ofexploit for
attackers.
It’s time to take cyber-security
seriously, and whilst we hope you
would never need it; prevention is
better than the cure.
Common misconceptions
around cyber-security
■ It’sjust a website: “We don’t
have customer or critical data
on our website.” “It’s hosted
in a separate location to our
organisation infrastructure.” -
Or words to that effect are often
heard when discussing security
scanning.
It is often the case, however,
a compromised website can be
used as a staging ground for other
attacks against the organisation,
used to gather further information
or can be used for reputational
damage by defacement. Hackers
CONTACT US
Tl IF YORKSII IRE POST
BUSINESS DESK
The Yorkshire Post, Vo.I Leeds,
26 Whitehall Road,
Leeds LSI IRE.
Tel: 0113 243 2701
automated penetration test
to see what vulnerabilities
may be present in your
organisation’s websites,
applications, network and
cloud infrastructure.
■ Our market-leading
vulnerability scanner
searches for thousands of
vulnerabilities and using our
first principles approach will
look for some of the hardest
to reach security flaws.
■ Developed and main­
tained by leading security
experts and winners of Top
Tech: Yorkshire Award and
Prolific North Tech Awards,
AppCheck is a software you
can trust.
■ Book your free test today:
www.appcheck-ng.com/
sme-toolkit-free-scan
AppCheck
can even launch attacks targeting
customers and users.
■ Annual security testing
covers me all year: Whilst
an annual check can prove
very beneficial, this provides
data forjust a snapshot in
time. New vulnerabilities are
being discovered constantly,
presenting an ever-shifting
security landscape. Additionally,
organisations need to make
constant changes to their
externally facing IT systems and
web applications in order to keep
up with the pace ofbusiness
demands.
MarkCasci
BUSINFSS FDITOR
@MarkCa8ei
Tel: 0113 2388966
Email
mark.easei
Mjpimedia.eo.uk
The simplest analogy for why
security checks should be run
regularly is to draw parallels to
physical security ofyour premises
- the process is the same, testing
and assurance that preventative
measures are continuous and
secure and that no breach is in
progress or opportunity exists for
an attacker.
In a physical security
environment, you might advise
staffto lock doors and close
windows out ofhours, but you
would then employ a security
guard to walk the perimeter - to
check visually that windows are
Greg Wright
DFPUTY
BUSINESS EDITOR
(ayregwrightYP
Tel: 0113 238 8474
Email:
greg.wriqhl
rajpimediu.eo.uk
SAFETY FIRST:
It’s time to take
cyber-security
seriously;
prevention is
better than the
cure.
MAIN PICTURE:
ADOBESTOCK
Ros Snowdon
CITY FDITOR
pRtisSnowdonYPjV
Tel: 020 7963 7646
Email:
ros.snowdon
Cgjpimedia.eo.uk
shut and ensure doors are locked.
How often would you expect
the security guard to do this?
Annually? It starts to seem a little
ridiculous to suggest that you
only test and verify your operated
controls for weaknesses on such
a long cycle, doesn’t it? Your
premises are in use every day, an
attack could come at any time.
The same is no less true for
your web applications, in which
attackers have access 24 hours
a day, and which presents a
constantly changing attack
surface. The online world moves
faster than bricks-and-mortar, not
Lizzie Murphy
BUSINFSS RFPORTFR
(wlizzieemurphy
Tel: 0113 2383908
Email:
lizzie.murphy
Miipimedia.eh.uk
slower, so it makes sense to ensure
your security assurance controls,
such as vulnerability scanners,
align with this pace ofchange.
What can I do to improve cyber­
security for my business?
■ 1. Understand your risk. By
knowing what you need to protect
you will have a much easier time
securing your weak spots. For a
start ask yourself; What processes
you have in place, who has access
to your data, is all sensitive data
encrypted.
■ 2. Employee awareness.
Nominate a ‘security champion.’
Ismail Mulla
BUSINFSS RFPORTFR
(dlsmailMulla
Tel: 0113 238 8514
Email:
ismaiLmulla
tiijpimedia.eo.uk
F;wn> shops
oycptatf
ubooro
'[k-return
local
foutcfter
LTadil iunul
mill vvitii
Ensure all staffhave strong
passwords. Don’t use the same
password for all accounts.
Use aVPN. Turn offdevices.
Update software regularly. Most
importantly, ifyou’re not sure
about something, find out and
educate yourself and staff.
■ 3. Complete regular security
tests. Ensuring regular testing of
your websites, applications and
infrastructure can help you stay
one step ahead by fixing issues
before they can be exploited.
■ 4. Plan for the worst. Back up
data frequently and have a disaster
recovery plan in place.
John Grainger
BUSINFSS RFPORTFR
rainejermedia
Tel: 0113 238 8478
Email:
johrigrainger
(gjpimedia.eo.u
ftourpower
SECTOR FOCUS