Anti-Virus

Over a quarter of organisations which fall victim to ransomware attacks opt to pay the ransom as they feel as if they have no other option than to give into the demands of cyber criminals – and the average ransom amount is now over $1 million.

The top three challenges named by enterprise IT security teams were an increased volume of threats and security incidents, insufficient remote access / virtual private network (VPN) capacity, and increased risks due to unmanaged devices.

With such a shortage of qualified Cyber specialists it is essential for organisations to have a clear plan in the event of a ransomware attack.

FortNet work closely with our customers to ensure they have the most appropriate end point protection whether it be straightforward anti-virus or more comprehensive endpoint protection with sophisticated tools and services.

Data Loss Protection (DLP)

DLP can protect against all kinds of adversaries, malicious or not. 61% of companies have suffered an insider attack in the past year. 22% have had six incidents.

Since 2007 there have been thousands of data breaches and many more security incidents.

Billions of records have been lost in giant data breaches such as: the database misconfiguration that leaked nearly 200 million US voter records in 2015, the Equifax data breach that kept getting bigger, BA having 5000 credit cards skimmed and the Yahoo breach that affected 3 billion users.

These are only a few of the many headliners that emphasise the need to protect your organisation’s data.

FortNet UK advises our customers with respect to the most suitable products and services for their organisation and strategic priorities

Insider Threat

An insider threat is the risk posed by employees or contractors regarding the theft of sensitive data, misuse of their access privileges, or fraudulent activity that puts the organisation’s reputation and brand at risk. The insider’s behaviour can be malicious, complacent, or ignorant, which in turn can amplify the impact to the organisation resulting in monetary and reputational loss.

80% of employees tend to take data with them, 2 weeks to 2 months prior to their termination date.

The main insider threats to UK organisations include: the theft of confidential company data from employees planning to or moving on.

Employees failing to follow corporate guidelines can be assisted with Staff Awareness Training

Remote Access

Do you need a VPN, biometrics, two factor authentication, or employee education?

Remote access is here to stay. Whether you are working from home, a hotel, or WIFI hotspot you will need to secure access to your data.

FortNet UK Ltd specialise in providing our customers with guidance to ensure you have the appropriate security in place to secure your staff and data wherever they might be.

Email Security

After anti-virus your staff are the next line of defence. By implementing Staff Awareness Training you can reduce the threat of malicious emails. Adding EDR (Endpoint Detection and Response) will help to detect day zero attacks and spot when a member of staff has opened a malicious email. This should all be supported by 24/7 monitoring which can be covered by an Outsourced SOC, if required. To reduce the threat of email attacks further it becomes necessary to deploy anti-spoofing tools and domain impersonation.

Secure Back-up

Backing up in the cloud is the new normal. Cloud back up scales with your business leaving the responsibility of the infrastructure to companies who provide exceptional reliability. It is essential to have a backup strategy that includes your M365 environments encompassing each endpoint, OneDrive, SharePoint and Teams. Regular scanning for ransomware avoids backing up already infected files.

A secure backup strategy will protect your organisation against hardware failure, employee negligence, power outage and natural disasters.

FortNet can provide highly cost effective backup with unlimited restores, security, automation and granular search and recovery.

GRC - Governance, Regulation & Compliance

GRC tools are emerging. These tools provide essential reporting information to the board. Accelerate audit delivery and reduce man-hours. The need for regulatory compliance and audit trails in the event of a breach have never been more necessary.

FortNet works with their customers to provide software tools to streamline GRC and expertise to ensure the appropriate GRC rules are in place for your industry sector.

Data Loss Protection (DLP)

DLP can protect against all kinds of adversaries, malicious or not. 61% of companies have suffered an insider attack in the past year. 22% have had six incidents.

Since 2007 there have been thousands of data breaches and many more security incidents.

Billions of records have been lost in giant data breaches such as: the database misconfiguration that leaked nearly 200 million US voter records in 2015, the Equifax data breach that kept getting bigger, BA having 5000 credit cards skimmed and the Yahoo breach that affected 3 billion users.

These are only a few of the many headliners that emphasise the need to protect your organisation’s data.

FortNet UK advises our customers with respect to the most suitable products and services for their organisation and strategic priorities.

Insider Threat

An insider threat is the risk posed by employees or contractors regarding the theft of sensitive data, misuse of their access privileges, or fraudulent activity that puts the organisation’s reputation and brand at risk. The insider’s behaviour can be malicious, complacent, or ignorant, which in turn can amplify the impact to the organisation resulting in monetary and reputational loss.

80% of employees tend to take data with them, 2 weeks to 2 months prior to their termination date.

The main insider threats to UK organisations include: the theft of confidential company data from employees planning to or moving on.

Employees failing to follow corporate guidelines can be assisted with Staff Awareness Training

eCommerce

BA’s breach and subsequent fine of £180M brought Magecart’s clever card skimming capability to the fore. Just a few lines of Javascript led to 5,000 current credit cards being stolen. Thousands of websites have been infected by similar attacks.

Magecart has evolved to focus on personal information theft too. FortNet can help you determine if you have been infected and show you cost effective ways to prevent the malicious code from working.

Cloud Security

99% of all misconfigurations in the cloud go unreported. ‘Your data is safe in the Cloud’ is a common misconception whether even if in AWS or Microsoft.

FortNet can help you with visibility, misconfigured servers, human error and the compliance issues that can also cause. We can help you add a layer of security to your cloud infrastructure.

Cloud Management

FortNet can help you add a layer of security to your cloud management adding visibility, assist with Identity & Access Management (IAM) and finding misconfigured servers caused by human error. Non-compliance to GDPR can lead to regulatory fines. FortNet can scan for GDPR compliance - see IT & Risk Healthcheck

Outsourced SoC

As the number of attempts to attack your organisation grow, an overwhelming number of alerts and events can swamp your IT team. Outsourced security operation centre (SOC) will typically provide 30% cost saving versus doing it internally. Outsourced SOC’s will investigate 100% of alerts, take away the headache of staff retention, keep up to date with the latest emerging threats and Intel and ensure the best tools have been invested in.

Patching

NCSC states “Patching remains the single most important thing you can do to secure your technology. This is why applying patches is often described as doing the basics.”Starting with a comprehensive but affordable IT and Risk Assessment, FortNet can provide you with visibility of your entire infrastructure, and direct you to everything that needs to be patched including devices potentially not within your current patch process.

Technology Refresh (EOL)

End-of-life technology compromises your security. The vendors are no longer providing bug fixes, patches or support.

Starting with an IT Risk Assessment, FortNet can help you to uncover EOL technology and either provide ways to secure them or to refresh with up to date replacement.

Attack Surface Management

One of the first thing potential attackers will do when targeting your organisation is to see how much of your infrastructure is directly available from the Internet. On average we find between 20% and 40% more assets facing the Internet than our customers expect. You can’t manage what you don’t know. FortNet provide tools to provide in depth information regarding your infrastructure’s visibility and the underlying vulnerabilities.

Phish Threats

Phishing is the most widely used cyberattack vector. Between 10-15% of spam and malicious email make it past your firewall and filters. There are tools available to help you identify and respond to email threats faster. FortNet can help you to understand what is suitable for your organisation.

Domain Impersonation / Squatting

Domain impersonation is when your own domain has been registered by another person with a small often imperceptible change e.g. a slightly different spelling. This means that your customers, staff and supply chain may inadvertently be engaging with criminals rather than you.

FortNet can help you to understand the risk to your organisation and select appropriate tools to locate the impersonators and remove them from the Internet.

Mobile Threats

2020 saw a huge growth in homeworking with an increased use of portable and personal devices, creating another layer for security teams to protect and manage. This in turn has increased the likelihood of successful Phish attacks and the opportunity for disgruntled employees to steal company data.

To mitigate against these threats, implement a comprehensive IT and Risk Assessment, providing you with a detailed picture to devise a mobile device security plan. FortNet can discuss various solutions with you to help prevent Data Loss Prevention and build Staff Awareness reducing the likelihood of these threats being successful. We can help you with the planning and policy side of things too.

Social Monitoring

The Internet can hold a lot of data about you and your staff. This can introduce a layer of intelligence that malicious individuals can use to target you personally and/or your company. FortNet can help you monitor the social platforms and other elements of the internet where necessary and take actions to get unwanted detail removed.

A simple starting point is to look in the dark web (DW), the illegal part of the Internet, to see if personal and or company emails have been compromised. Fortnet’s FortPatrol - Dark Web Monitoring service will provide a low cost and 24/7 coverage to alert you when emails are discovered in the DW.

VIP Personnel Protection

High profile individuals can be targets for a wide range of criminal activity including kidnap, stalking, robbery, and impersonation. According to the FBI statistics, CEO fraud is now a $12 billion scam. We provide services to assess individuals cyber footprint including physical threats on social media, impersonation attempts and track what data potential attackers could find.

Security Health Check

IT professionals need to have visibility of their entire network and an understanding of it’s health before reviewing strategy, complete an audit or particular cyber project.

Pen Testing

Pen Testing is a necessary activity to demonstrate that new products and services are secure as well as reassuring the business that the overall security of critical systems cannot be compromised. FortNet can provide Pen Testers to suit your need and budget. Initially we recommend an affordable IT and Risk Assessment which gives you the opportunity to close down as many loose ends as possible - ensuring passwords are refreshed and unique, all devices and servers are using current versions of operating systems, applications and antivirus.

Outsourced SOC

As the number of attempts to attack your organisation grow, an overwhelming number of alerts and events can swamp your IT team. Outsourced security operation centre (SOC) will typically provide 30% cost saving versus doing it internally. Outsourced SOC’s will investigate 100% of alerts, take away the headache of staff retention, keep up to date with the latest emerging threats and Intel and ensure the best tools have been invested in.

FortNet UK advises their customers with regard to external resourcing of Cyber Security including remediation, GRC and out-sourced SOC’s.