Cyber risks -- and opportunities -- abound as partners grow

A cyber practice needs to be built over time, using an ongoing programme of cyber inspired outreach that offers valuable information and insights. By offering a stream of security enriched content, blogs, and commentaries, a Partners’ cyber expertise becomes solidified while demonstrating empathy for their customers’ greatest security concerns. Cyber-crimes are dynamic, evolving, and in extreme cases, can be state-sponsored and can carry a global impact, so Partners should offer affiliate assistance and links that can tap into larger cyber advisory bodies. This could be through collaboration with other leading cybersecurity organisations who allow Partners to share threat intelligence and appropriate remedies with their own customers.

Once established, Partners need to start by assessing risks and ascertaining security goals. Established cyber-Partners understand that no two customers carry the same level of cyber-risks, so it’s essential to first develop a comprehensive understanding as to what organisational needs may be. Conversations should start early in understanding both possible cyber impacts and overall cyber goals - be that full Cyber Essentials accreditation, or increasing employee security awareness training to negate the human risk. But what if customers don’t know, or fully understand, their current cyber capabilities? Cybersecurity assessments and audits can then be a great start in establishing cyber cadences and highlighting likely cyber breach impacts. Partners identify vulnerabilities and present findings in a clear, actionable report which showcases commitment to security. If the organisation is large, or the infrastructure complex, a trusted third-party service provider can holistically assist in the report compilation with an automated inventory and device dependency flow report, that fully captures the likely knock-on impacts across the estate.

In a similar vein, proposed cyber enforcement solutions need to be tailored to likely threats and customised to address specific challenges highlighted in the initial customer assessments. Offering a full suite of Managed Security Services, including real-time monitoring, threat detection and response services, proactively protects and reassures customers. But such services may need tailoring, avoiding over provisioning of rarely used features. Generally, all Partners should be offering cybersecurity training programmes for users, raising awareness to common universal threats like phishing and ransomware on an ongoing basis, creating an effective cyber-aware workforce. In a similar vein, establishing an incident response service to mitigate and recover fast from any future cyber-attack should always be offered. Other baseline physical security processes that should be implemented include network security checks (e.g., stopping unauthorised access through firewalls) and endpoint security adoption across all devices. For those customers who need higher levels of security such as in healthcare or e-commerce settings, a constant threat detection monitoring service spanning across network assets, systems and business apps should be offered. If a Partner can’t offer these services 24x7, they can opt to outsource to specialist partners who can identify vulnerabilities and initiate fast remediation plans. Partners who can offer proactive threat hunting capabilities, even if gloved through a third party, re-assure customers that they are one step ahead of the hackers.

Recommending cyber services doesn’t just entail defending against a deliberate cyber-attack. Often, it means ringfencing unintended cyber breaches that can cause data loss and leakage. Provisioning immutable, automated, and reliable backups of data is therefore essential to allow roll-back to the point before the breach occurred.

Achieving industry-specific compliance to cybersecurity regulations is becoming an increasingly requested service. This can be ISO based or Cyber Essentials based, but without recognised cyber compliance certifications, organisations, and their suppliers, can be discounted. In the same vein, Partners must keep their own certifications current.

What are the latest cyber concerns that Partners need to be well versed in? AI takes current centre stage, moving to mass cyber-attacks attempts as it allows cybercriminals to use machine learning to launch increasingly sophisticated cyber-attacks, and at scale, via AI-generated malware or AI-phishing scams. Increased content provision and adoption offered from AI content generating platforms such as ChatGPT has raised concerns that input data can be manipulated and Partners need to position cyber surety and transparency of source content. Ransomware also remains significant. Customers need Partners to offer robust solutions for protection, alongside reliable and tested recovery strategies in a ‘When, not If’ approach. Customers also need assistance to look outside of their physical parameters in cloud environments; remote working environments and even linked third party supply chains. Cloud means that customers need guidance in securing data, apps and entire cloud-based infrastructures using techniques such as encryption and specialist cloud security solutions, while all the time ensuring compliancy with privacy regulations like GDPR, HIPAA.

Conversely AI is also helping defeat cyber-attacks and Partners can use AI to fight bad actors. For example, currently machine-learning behaviour anticipation is being increasingly adopted within Security Awareness Training simulations directed at employees to create a security-conscious workforce, and for increased threat detection, anomaly detection and security analytics to increase employee awareness of likely phishing attacks using the latest social engineering techniques.