0800 612 2524
Change Region

While the NCSC and other security agencies have not been made aware of any direct threat to UK organisations, they are strongly encouraging businesses of all sizes to immediately review their current cyber security protocols and wider systems that are in place.

If you are unsure of how to carry this out, we have put together a comprehensive checklist to guide you through the process.

What is the current threat level?

In similar nature to financial markets and other areas of business operations, levels of risk naturally fluctuate due to the influence of external events. While a cyber-attack can take place at any moment, there may be times when the cyber threat to an organisation is greater than usual.  

Concerning the nature of current events in Mainland Europe, it has widely been accepted that the risk of a cyber-attack against UK organisations has increased. Although there has been no formal threat made against UK businesses, it is expected that malicious actors will utilise the current instability in an attempt to undermine organisations’ cyber-security defences.

Due to the vast nature of the cyber security landscape, it is near on impossible to predict the exact threat to UK organisations. However, some of the most common forms of tactics utilised by hackers and scammers include:

  • Ransomware and malware attacks
  • Distributed Denial of Service attacks (DDoS)
  • Email and messaging phishing attempts

What can you do in periods of increased risk?

In times of heightened cyber threat, it is vital to strike a balance between the threat level, the measures needed to defend against it and the impact of a potential attack. Moving to a heightened alert level can allow you to:

  • Help prioritise necessary cyber security work 
  • Offer temporary boost to defences
  • Give organisations the best chance of preventing a cyber attack

So what can you do?

Check your systems for updates and patching

One of the most common ways for a hacker or malicious actor to gain access to your systems is through outdated or unpatched networks, systems and tools. Although you should proactively check these vital parts of your business regularly, in times of increased threats, you should ensure:

  • All devices are up to date, including those who run third-party software
  • All internet-facing services are scanned and patched against any known security vulnerabilities
  • All mission-critical databases, systems and networks are free of vulnerabilities; where vulnerabilities cannot be solved immediately, ensure mitigations are in place

Access control

Whilst it is often unintentional, the biggest cyber risk to a business is its employees. With this in mind, IT teams are encouraged to verify access control and encourage staff to ensure their logins are personal and unique to your business. Finally, review who has access to your systems and where necessary remove any inactive accounts. Other points to consider:

  • Develop a password policy
  • Enable multi-factor authentication

Ensure your defences are working

In instances of increased threat, it is vital to ensure your defences are working as intended. In doing such a task, you should examine every part of your current cyber security protocols including:

  • Firewalls – specifically check temporary rules that have been left in place beyond their lifetime
  • DDoS and traffic filtering systems
  • Phishing and spam filters
  • Ransomware attention

Review your backups

With ransomware attacks on the rise, malicious actors are constantly looking for new ways to render your mission-critical data useless.

To mitigate against such threats, it is imperative you ensure your backups are running correctly. Where necessary, perform test restorations from your backups to check data and files have been pulled correctly. Within this make sure your data is accessible in an offline environment.

Third-party access

In today’s service-based economy, working with third-party providers has become the norm. In the instances where external businesses have access to your systems, it is recommended you have a complete understanding of their operation and level of access to your system. Where access is no longer needed, it is vital, that you revoke their access immediately.

Brief your organisation

Often the greatest line of defence your business can implement is awareness training. Ensure your employees are aware of the current threat level, the most common tactics, what to do if you receive a suspicious email and how to report it.

Are you looking for some guidance with your cybersecurity or cloud strategy? Get in touch with our experts for a free consultation on 0800 612 2524 today or email sales@hyve.com

Start your journey today

Discuss your hosting requirements with us today

For more information on our solutions, please call us on 0800 612 2524 or fill out the form below..

  • Hidden
  • We don't send spam to our users
  • Hidden
  • Hidden
  • Hidden
  • This field is for validation purposes and should be left unchanged.