Mobile Menu icon

Whatever you need we've got IT covered.

Our highly experienced support team are capable of handling any IT support issue, so you can relax and concentrate on making your business a success.

In the event of any problems, our standard support hours are 9am-5.30pm, Monday-Thursday, and until 5.00pm on Friday. We offer an extended hours contract whereby the support hours become 8am-6pm, Monday-Friday. If you need a quick solution to a technical problem, then our live remote-assistance tool can help. A member of our dedicated support team can liaise directly with you to find the answer to your question.

Step One - Call 0844 800 4456

CLICK HERE FOR LIVE REMOTE ASSISTANCE

×

Support Form

If you are in need of support please fill in the form below or call us on 0844 800 4456

×

Contact Us

London Office:

Main number: 020 3507 1920

Sales number: 020 3507 1922

Technical support: 0844 800 4456

Essex Office:

Main number: 01268 494 100

Sales number: 01268 494 160

Technical support: 0844 800 4456

×

Blogs

Security professionals vs Cyber criminals: Who has the upper hand?

On the security side, organisations appear to have upped their game by adopting more sophisticated tools for preventing attacks and reducing their impact. They’ve recognised the business necessity of a strong security posture and express confidence that their security processes are optimised. Technology vendors are also more attentive toward finding and fixing vulnerabilities in their products, giving criminals fewer opportunities to launch exploits. But at the same time, adversaries are becoming more sophisticated not only in their approaches to launching attacks, but also in evading detection:

  • They change their tactics and tools from moment to moment, disappearing from a network before they can be stopped, or quickly choosing a different method to gain entry.
  • They devise spam campaigns using hundreds of IP addresses in an attempt to bypass IP-based anti-spam reputation products.
  • They design malware that relies on tools that users trust, or view as benign, to persistently infect and hide in plain sight on their machines.
  • They find new vulnerabilities to exploit if vendors shut down weaknesses in other products.
  • They work at establishing a hidden presence or blend in with the targeted organization, sometimes taking weeks or months to establish multiple footholds in infrastructure and user databases. Only when they are ready will they execute their core mission.

According to the new Cisco Security Capabilities Benchmark Study, security professionals say they’re optimistic that they’re well prepared to hold back online attackers. Yet adversaries continue to steal information, make money through scams, or disrupt networks for political goals. In the end, security is a numbers game. Even if an organization blocks 99.99 percent of billions of spam messages, some will make it through. There is no way to ensure 100 percent effectiveness.

When these messages or exploits manage to reach users, it is the users themselves who become the vulnerable point in the network. Since enterprises have become more adept at using solutions that block network breaches, malware and spam, malicious actors may instead exploit users through tactics such as sending them a fake request for a password reset.

As users become the weak link in the security chain, enterprises have choices to make when implementing security technologies and policies. As developers try to make applications and software more intuitive and easy to use, do organisations open new loopholes for cybercriminals to exploit? Do enterprises bypass users, assuming they cannot be trusted or taught, and install stricter security controls that impede how users do their jobs? Do they take the time to educate users on why security controls are in place and explain how users play a vital role in helping the organisation achieve dynamic security that supports the business?

Technology solutions rarely empower users to take charge of security as active participants. Instead, they force them to work around security tools that get in the way of their workday; leaving the business less secure. Security is no longer a question of if a network will be compromised. Every network will, at some point, be compromised.

Yellowspring has the skills and experience to help you develop your security using both technology and process controls. If certification is required, we can guide you through the process. Contact one of the pre-sales team at Yellowspring on 01268 494160 to arrange an initial security audit or email: info@yellowspring.co.uk

back

Latest News

Disaster Recovery planning is so important for your business, so take the time now to view

Read more

Security professionals have adopted more sophisticated ways of keeping themselves safe from cyber attackers. Despite

Read more

Maintaining business as usual in a connected world is dependent upon our ability to communicate

Read more