A practical guide: How much cyber security investment do I really need?

by | May 28, 2025 | News

Cyber costs seem to keep increasing every year. 

There is always something more that is needed. Organisations can’t afford to over-invest, but they can’t afford to under-invest either. It’s a tightrope, so we thought it would be useful to prepare a simple guide.

A simpler time

Just a few years ago, the core fundamentals of security were simple. There were three things you really needed to do to protect yourself.

  1. Antivirus,
  2. Backups (daily) and
  3. Patching.

Optionally we’d add a tool to scan incoming emails for viruses.
That was enough, and that was the underlying basis of our support plans.

But those days are long gone. Now you need a little more.


A minimum today

Today, anti-virus isn’t enough. It’s now been replaced with EDR, which is more sophisticated and more expensive.
Backups and Patching are as vital as ever.

Then we need to add MFA (which might be annoying, but it is also one of the most effective tools, especially the more advanced versions).
We now have to scan emails for more than viruses. We’re also checking any included web links.

We’re testing URLs before people browse to them, and with KARE, we also use AI heuristics to test the webpage as it’s opened.

We’re limiting access to corporate IT resources and even to administration of the local PC (zero trust), scanning for ‘shadow IT’, and increasing cyber awareness with training, briefings and phishing tests.

(We have bundled this into a security plan called KARE Foundation)

Stepping it up

The minimum isn’t enough for many.

DATA RULES
Optionally we’re also setting up data rules in 365 (DLP) to limit what can be shared, and we’re using DMARC to protect your email domain from spoofing.

MOBILES
When you consider how much email and browsing is done on mobiles, it makes sense that we are now starting to protect mobile devices, both Android and Apple, with ‘MDM’ tools.

PROTECTED DEVICES ONLY
We’re now developing plans to differentiate between corporate PCs and phones and bring-your-own-device (BYOD), and we’re using this to limit access so that unprotected home or shared PCs and mobile devices can no longer reach some, or even all, of the IT assets such as 365.

24/7 ACTIVE MONITORING

We’re moving from EDR to MDR, which adds 24/7 SOC and SIEM monitoring for unusual behaviour on devices (because you and your people might work at any time, and the cloud is always on).


Reports matter!

No matter what level of security is in place, you NEED reporting. Things change as PCs are added and removed, users come and go, and tools are refreshed.

We reckon detailed monthly reports (with plain English summaries) help you check that your IT team is looking after your security and keeping it in place, no matter what!

Clearly “stepping it up” is much more intensive, and that comes at a cost. There are more layers of security, and readers might recognise the alignment with the CERT NZ 10 Critical Controls.

Obviously, as you step up your cyber security, your access becomes more restrictive and the cost of tools and support increases. We wish we could say that was the end of it, but it won’t be. We are absolutely certain that the minimum set of tools will only grow, and there will be new technologies next year that we haven’t even heard of yet, despite our best efforts. That’s because the hackers aren’t standing still either. Cyber-crime is a big business for them, as we’ve noted before in this blog. They continue to invest in new tech, and they aren’t waiting for you to step your protection up.

They know they only need to get through your defences once, whereas you have to repel them every hour of every day.

In fact, as we look overseas to observe what businesses like Kinetics are doing, we are seeing a move for them to only accept clients that invest in cyber-security, and that also have cyber-insurance. That makes sense, because if you can’t get insurance to carry your cyber-risk, then why would you carry that risk yourself?


One thing is for certain – your business is already under attack. The question is, how long will your defences hold out?