SES Blog

In a recent study conducted by insurance broker Gallagher, UK councils have reported being targeted by more than 263 million cyber attacks in the first half of 2019 alone, equating to 800 attacks every hour.

Worrying figures released recently by data security firm Egress revealed that 52% of UK businesses are still not fully compliant with GDPR regulations, more than 18 months on from their introduction.

From the outset, having your systems encrypted and held to ransom by a ransomware attack can cost you thousands of pounds per minute, so the cost of paying the ransomware demands can appear minimal in comparison.

Recently the news broke that the Information Commissioners Office (ICO) has begun to flex its muscles and ramp up the penalties for breaching GDPR, with both British Airways and Marriot International on the receiving end of monumental fines for the personal data breaches they reported in 2018.

Last week the news broke that hotel group Marriot is to be fined £99.2m by the Information Commissioners Office (ICO) after malicious attackers stole the records of 339m guests.

In last weeks article we discussed a recent conversation with one of our clients who mentioned they didn’t need to take any measures to protect their organisation against a potential security breach as they didn’t store customer data on-site.

As a Cyber Security provider, we are always working closely with our clients and advising them on the best approach to protect their business from malicious threats, but earlier this week one conversation in particular stood out.

Whilst most businesses are making strong progress in their efforts to secure their organisation, we regularly still hear excuses like “we are a small business, we don’t have the budget” or “we’re too insignificant to be targeted” for not taking any measures to increase organisational security.

Most organisations rely on at least one third party supplier to deliver products, systems and services, utilising additional organisations and their capabilities to deliver enhanced service offerings.

This week’s article aims to build on last weeks piece, discussing how regular Vulnerability Assessments blended with Penetration Testing can help improve your organisations security posture.

Every business needs to have Cyber Security on its strategic agenda.

Security breaches on organisations are a case of when, not if, as malicious individuals are constantly scanning the internet for websites with vulnerabilities.

From marketing automation to finance or internal communications, organisations are using internal web applications every day that are critical to their business’s operation.