Many companies are working towards, or have achieved, CESG’s ’10 Steps to Cyber Security’ and Cyber Essentials. Mastering these standards is non-trivial in itself and a MUST DO for any responsible business. BUT it only provides a periodic snapshot of the C&R health of a business. While absolutely vital, IT based protections – such as anti-virus software and firewalls – can only provide part of the solution.
The Cyber threat to your company is complex and continually mutating. It falls into 3 categories: organised crime; hackers; and nation state. Despite the impression often created by the media, the vast majority is criminal in intent and home grown.
A recent study on the www revealed:
- Organised Crime
- 1st (72%) of attacks from organised crime gangs within UK.
- 2nd through a growing cybercriminal network in Mexico.
- 3rd is Nigeria, 4th Germany, and 5th USA.
- Just 0.074% of cyber attacks against UK targets originated in China and 0.27% originated in Russia.
- Source: International Business Times – 12 May 2015.
- Hackers/Hacktivists: Moral and thrill agenda drives these to often amazing, headline grabbing success.
- Nation State attack is probably less likely for SMEs but as weaker links in the e-Supply Chain into larger companies, SMEs may be attractive as a way of gaining access to larger organisations.
So it is almost a certainty that you have been/will be successfully attacked – you just may not know about it. The CEO’s key Cyber concerns are typically:
- What is the cyber and resilience risk to my business?
- Have I done enough to reduce my business risks?
- Am I spending too much/not enough?
Why the standard technical solutions cannot protect you
The internet is fundamentally insecure. No code exists that can’t be cracked or firewall built that can’t be breached. Complying with industry standards, or those demanded by your clients, is simply not enough. Compliance cannot prepare you for new threats, which constantly multiply and mutate.
Defending your business must be a dynamic, pro-active activity, sufficiently adaptive to allow your users in, but sufficiently robust to keep threats out. An intelligent security approach is needed to help predict and pre-empt risk to stay ahead of the attacker while maintaining acceptable levels of risk.
Companies need to stay ahead of the threat by understanding the interconnected vulnerabilities of their People, Processes and Technology. This allows them to pro-actively anticipate, contain and neutralise attacks and keep threats away from their vital strategic resources. To enable business to continue despite the mounting cyber and resilience menace.
- Ensures business continuity in a constantly hostile and evolving cyber environment.
- Understands how your business relies on people, process and information technology.
- Work with you to build a robust, repeatable model of your business.
- Use sophisticated analysis tools to identify key points of weakness that affect your business outcomes.
- Identify measures to reduce your vulnerabilities.
- Install real time monitoring that identifies any risks to your business outcomes.
What is RJD’s track record in Cyber Defence?
RJD provides cyber capabilities into:
- Defence Science & Technology Laboratories [dstl]
- MoD Cyber Protection Teams
- Defence Intelligence
- Other government departments
As part of this RJD has developed, with and for government, cyber tools and services. Government now wants to exploit this national investment in the wider government and commercial cyber environments. Our commercial solution, CyCURE®, is based upon our proven Defence toolset/service, Cyber Mission Impact Assessment (CMIA®).
The CyCURE® Service
Our CyCURE® service for enterprise and business cyber security and resilience comprises:
- CyberEYE®: Observe – Understanding and analysing the enterprise.
- CyberTOOTH®: Watch & Protect – live monitoring, alerting and evolutionary protection
Additionally we provide:
- CySTER® for cyber and resilience training and evaluation
- CiCyRONE® for the cyber security and resilience of future cities and urban living enabled by the Internet of Things