Do you need help with Cybersecurity?
Most businesses think they’re secure, but are they really? This isn’t about fancy certifications or complex tests. It’s about getting the basics right, especially if you’re a smaller operation. We’re talking about securing your Microsoft 365, using multi-factor authentication, training your staff, and setting up tools like EDR and least privilege access. It’s all about avoiding costly attacks and meeting basic compliance needs.
Key Takeaways
- Have a Plan: A clear cybersecurity plan and someone in charge are essential, even if it’s simple. It shows you’re taking it seriously.
- Budget Wisely: Allocate a yearly budget for cybersecurity, around £40 per user per month in the UK. Most of this should go towards labour and improving systems, not just tools.
- Secure Microsoft 365: Don’t rely on default settings. Improve your M365 tenancy security.
- MFA is Non-Negotiable: Multi-factor authentication needs to be everywhere.
- Train Your Team: User training, including phishing simulations and regular policy sign-offs, is one of the most effective things you can do.
- Least Privilege: Restrict user accounts to only what’s needed for their job.
- Endpoint Detection and Response (EDR): This is your advanced antivirus, crucial for isolating infections.
- Manage Software Installs: Control what software can be installed on your systems.
- Monitor Updates: Keep track of system and firewall updates across all devices.
- Logging and Auditing: Collect logs from all devices to investigate breaches.
- Prioritise Basics Over Pen Testing: Fix fundamental security issues before expensive penetration tests.
Getting Started: The Foundation of Cyber Defence
First off, let’s talk about having a cybersecurity plan. It doesn’t need to be a massive document. It just needs to state that your business takes cybersecurity seriously. The board needs to be on board, and you need to set aside a budget. A good starting point for a budget in the UK is about £40 per user per month. Now, where does that money go? It’s not just about buying fancy tools. Most of it should be spent on labour to actually improve your systems.
If you’re using Microsoft 365, you need to know that while Microsoft has security features, you can’t just rely on the defaults. You need to actively improve the security of your M365 setup. And yes, multi-factor authentication (MFA) is a must-have these days. It should be enabled everywhere.
Training Your Team: Your First Line of Defence
One of the most impactful things you can do is train your users. Think about it: we can send out fake phishing emails to see who clicks on them. We can also provide regular training and get people to sign off on policies. Using short, entertaining videos can make people more engaged with cybersecurity. It’s like when you buy a new yellow Ford Focus – suddenly you see them everywhere. Cybersecurity often isn’t on people’s radar until something goes wrong, like a supermarket’s tills being down due to a ransomware attack. This is a massive risk to your business.
Implementing Essential Security Tools
Let’s look at some of the tech you need. Least privilege is key. This means everyone’s account should only have the minimum access they need to do their job. This includes your IT team – they don’t need to be global administrators all the time. They can get elevated access when needed.
You also need Endpoint Detection and Response (EDR). Think of it as a super-powered antivirus. If you do get an infection, an EDR tool, often backed by a 24/7 Security Operations Centre, can isolate the infected device or network to stop it spreading and alert your IT team.
Managing Access and Updates
Next up is privilege elevation management. This is about controlling who can install software or run anything with administrator rights. For smaller businesses, tools like Auto Elevate (for simple things like printer drivers) or ThreatLocker (more advanced) can help manage this.
Monitoring tools are also important. You need to know which machines are not updating. These tools should ideally manage updates for you, including firewall and system updates. They provide reports, which fit into our proactive and reactive cybersecurity approach.
The Role of Logging and Auditing
We also need logging tools, like a SIEM (Security Information and Event Management) system. This collects logs from all your devices in one place. If a breach happens, you can go back through those logs and see how the attacker got in. Many businesses think about doing a cybersecurity audit or penetration testing first, but these are often lower priority than getting the basics right.
Penetration testing is useful, but it’s expensive. If your machines aren’t getting updates, or you don’t have policies for passwords and MFA, fix those first. Once those fundamentals are in place, then a penetration test will be much more effective and give you better results.
There’s a lot to this, but the main point is to focus on the tools and practices that have the biggest impact. If you don’t have someone in your business who understands both the technical side and can explain it to leadership, it’s worth reaching out for help. It could save you a lot of trouble down the line.