London Engineering Company – 400 Employees.
One of the mandatory regulatory controls is the ability to provide evidence that an endpoint device configurations comply with certain screensaver, firewall, disk encryption, and security patch settings also an ability to be able to control users and clients to access protected areas of a network.
What drives engagement with cybersecurity?
Common themes included the perceived sensitivity of the data held, experience of breaches, perceptions that attacks were becoming more sophisticated, major changes in digital infrastructure, and compliance. Organisations that held sensitive personal data, such as customers’ financial, tax or medical records, noted this as the main motivation for investing in cybersecurity. These organisations often discussed the potential for loss of trust and reputational damage if they had a breach, and how this could prevent them from operating.
Experiencing a breach with a negative outcome, such as a loss of data or assets, was a strong driver of behaviour change. One manufacturer Re-solution team spoke with had lost their intellectual property after a ransomware attack, and subsequently reviewed their infrastructure, changed their firewall configurations and moved all their warehouses to a single secure network. GDPR had compelled many organisations to review their approach to cybersecurity.
Main reasons for investing in cybersecurity, among organisations that invest:
Cyber attacks are a persistent threat to businesses and charities. Around a third (32%) of businesses and two in ten charities (22%) report having cybersecurity breaches or attacks in the last 12 months, the most common type of attacks are:
- Phishing Attacks
- Others impersonating an organisation in emails or online
- Viruses, spyware or malware, including ransomware attacks
Re-solution deployed Cisco ISE as a centralized security solution that automates context-aware access to network resources also to perform checks, also known as posture, of all the endpoints that are connecting to a network for compliance with corporate security policies.
Cisco ISE technology achieves this by collecting data about the network, the type of device, partner or user identity, and location, and analysing the sum total to make an informed access decision.