Giving you the best tools to protect your organisation from cyber attacks, data theft and loss, and accidental leaks
Of cyber security breaches caused by human error (IBM)
of malware is sent via email (CSO Online)
Organisations in 2020 were hurt by lack of cyber security defence (Mimecast)
Average cost of a cyber security incident (Ponemon Institute)
As our aim is to help you build and strengthen your cyber defence, and each organisation has different protocols, we have tailored our offerings to be taken with or without additional services
View brochureA government-backed programme assisting organisations in meeting the minimal cybersecurity standards appropriate to their business size. We’ll help you to meet the requirements for getting certified
Cyber EssentialsWe’ll help to build your cyber security defence with comprehensive audits and user training so that you can prevent a breach before it occurs
Audits and Training
Malware is a catch-all term for every type of malicious software. You cannot stop people from trying to attack your organisation’s networks, but you can prevent the attack from causing lasting damage.
Phishing is a catch-all term describing an email delivered with malicious intent. Phishing emails rely on those who aren’t aware of how dangerous so-called spam emails can be. Furthermore, with the introduction of social engineering, cyber-criminals are getting smarter when it comes to persuading people to action a malicious email. A phishing email could appear to be from a colleague or trusted partner, it could have an attachment or a malicious link. A solution such as Sophos Phish Threat simulates phishing emails to employees in order to raise awareness of malicious emails but also to train people on what to look out for such as a typo or change in domain that would indicate malicious intent.
Ransomware is a type of malicious software from that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses data encryption techniques to make the victims files inaccessible, and demands a ransom payment to decrypt them. In a properly implemented extortion attack, recovering the files without the decryption key is impossible – and difficult to trace digital currencies such as Ukash and Bitcoin are used for the ransoms, making tracing and prosecuting the perpetrators difficult.
Encryption is a way of making data unreadable by converting letters and numbers to symbols, for example a file such as a Word document or Excel spreadsheet can be converted to an unreadable code. An encryption key allows you to decode the document and revert it back to its original state. Encryption as a technology solution allows businesses to protect their data by only allowing access to employees who have the relevant encryption keys. Cyber-criminals also use illegal encryption to make your files unreadable following a malware attack such as Ransomware, the encryption key is promised upon the ransom payment.
Ransomware is initiated by someone clicking a link or opening an attachment that then prompts the encryption of a PC and its contents. Ransomware can affect a range of devices from PCs and smartphones to a smart TV. Once the device and its contents are encrypted, users are shown a message from the cyber-criminals who request a payment in order to hand over the encryption key that will unlock the device. The ransom is usually a request for digital currency such as Bitcoin.
Hackers have a number of tactics to get people to pay up, including a deadline to pay or lose the data forever. It’s rare and very unlikely that files are ever decrypted and return to their owner, our advice is to not pay the ransom. Instead businesses are advised to protect their data with an anti-Ransomware solutions such as Intercept X.
There are technology solutions available that can stop Ransomware in its tracks. Intercept X is an anti-Ransomware solution that identifies unusual network activity that indicates a Ransomware attack, it then blocks the spread and reverts any files that have been affected back to their original state.
Businesses cannot control the possibility of a cyber attack, however IT security solutions such as Intercept X can instantly recognise if malicious software is attempting to infiltrate a network.
It’s important for businesses to understand the size of the threat landscape and recognise the journey the data within their organisation takes. Data is stored in more places now than ever before, whether data sits on-premise, in the cloud or moved around via USB stick. Encryption is a key technology that can safeguard data, this ensures that no-one without the correct permissions can read an organisations information.
Sophos brings endpoint, mobile, server, and web security together in a single, truly integrated management console
Find out more
