“The cyber threat to UK business is significant and growing” – National Crime Agency
UK businesses identifying cyber security breaches or attacks in 2017
cost to UK economy of cyber attacks
days for UK businesses to discover they’ve been compromised, on average
websites still vulnerable to ‘Heartbleed’ attack
This threat is varied and adaptable. Ranging from opportunistic attacks where technical expertise is bought, not learned, to highly sophisticated persistent threats involving custom built malware designed to attack specific targets.
The lines between malicious actors continues to blur with criminal groups imitating states to attack financial institutes and more advanced actors successfully using ‘off the shelf’ malware software to launch attacks.
With the ongoing rise in internet connected devices attackers are gaining more and more opportunities. Consumer goods and industrial systems combined with an ever increasing online commercial footprint provides more avenues of attack than ever before.
However, help is available with our digital security testing service.
What is Digital Security Testing?
Digital security testing covers two separate activities, vulnerability scanning and penetration testing. Vulnerability Scanning is when your network is scanned for configuration problems and potentially exploitable weaknesses. Penetration testing takes this a step further by attempting to take advantage of the identified problems and weaknesses to see just how much of your company data could be obtained by a malicious attacker.
How does it work?
The first stage of any testing is to perform reconnaissance. We will gather information about your business from the perspective of you being the potential target of a hacker. We would then identify vulnerable entry points and assess them for configuration issues and active weaknesses. At this point a vulnerability scan would be concluded. If we were performing a penetration test we would then attempt to leverage these identified weaknesses to attempt to break into your system. At the end of both tests a full report will be produced showing the results of our testing and if we had successfully managed to compromise your business network.
What happens after the test?
You might find that your policies and procedures require either streamlining or a complete overhaul. For example, have you identified the role that each staff member plays in the event of an emergency? Do you have established channels of communications and a chain of command? Do employees have an appropriate level of security awareness? These are all areas that our security testing will highlight where improvement is required. We don’t simply produce reports and finish our involvement at that point, we will be on-hand to provide expert advice and consultancy to implement any IT related provision to improve your security.
If you would like more information regarding our Digital Security Testing please get in touch: