Cybercriminals are sophisticated and a rising threat to your organisation. Doing the basics right is one of the most effective ways of securing the business. With the right approach to infrastructure, technology partners and business processes, a breach can be mitigated.
Data protection and ransomware have become the main challenges organisations face, says Kyle Torres, Senior Channel Executive at Intergence partner Sophos. “Five years ago, we were in a trusted perimeter, it was pre-remote working, and you had to go through a set of physical access controls to get into the building to access a workstation, the servers and network,” Torres adds. The new business landscape of remote working and cloud-based tools has widened the threat landscape that digital leaders must contend with.
Nation-state threats
Lurking behind this increased threat landscape are nation-states, which sponsor cybercrime groups to sow chaos and confusion across a wide range of vertical markets. Sophos witnessed the scale and ambition of nation-state threats when its Cyberoam firewall division was at the centre of a sophisticated attack that focused on display devices. The code was extracting C2 (command-and-control) traffic and looked like legitimate communications with AWS.
Sophos played a cat-and-mouse game with the attacker to better understand their behaviours, technology and motivations. This informed Sophos and partners such as Intergence that the cybercriminals were preparing a botnet attack that had the potential to damage the 300,000 firewalls around the world that use Sophos technology.
Further reading
- Elevate Your Cybersecurity with Intergence Managed MDR Services
- Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices
- IT infrastructure – The Network Foundation
- State of Ransomware 2025 Report
Get the basics right
Keeping firewall technology up to date is just one of the basics organisations must do to ensure they are secure. Peter Job, CEO of Intergence, says that too often organisations have a plethora of point solutions, which makes managing the infrastructure of the business complex. Complexity can be exploited by cybercriminals. “A problem that we often find is a variety of tools, and that means it takes longer to spot issues,” Job says.
Alongside up-to-date technology, organisations need strong security processes that all employees are aware of. Intergence was called into a regional airport that suffered a major cybersecurity incident and found that an employee had downloaded an application because they could, and was not aware of the risks. The download opened the door to the cybercriminal, who was then able to exploit the out-of-date network that operated on a flat architecture with no segmentation.
“We had to provide a parallel network as everything was infected and then start again,” Job says. This is no easy remedy: the equipment needed to build a parallel network has lead times, and getting back to operational performance cost the airport many millions, a direct impact on the bottom line.