The Security Rollercoaster

Retaining our ISO Certification

As Intuity retain and expand our ISO Certification for another year, our Key Account Director, Thomas Cox takes a moment to reflect on what this certification means to us at Intuity and how it has shaped the way we all now think about data security here at Intuity Technologies.

In early November 2020, Intuity Technologies successfully retained our ISO 27001:2013 certification for the 4th time and over this period we have also extended our scope as the business has grown and developed with new mergers and acquisitions.

This year the recertification process was carried out remotely over a  four-day period and focussed on all areas of The Standard and involved an examination of the various controls we have in place. In the past our recertification audits have taken two days so you can image that the team were a little apprehensive at the idea that all of this time  would be required for this years’ system audit. Would  this mean a difference in approach ? In outcome ?  Would we all literally be audited into exhaustion by the end of the four days?

Little did we know! We were pleasantly surprised following the audit as we found that the extra time had given us the opportunity to showcase all of the areas, we have worked so hard on to protect our information assets. We were able to demonstrate the different controls we have  in place around the protection of information assets but also reveal all the changes we are undergoing to ensure continuous improvement. This new approach also allowed us to take the time to really describe our business and how we operate  and review our progress regularly to the auditor.

The Rollercoaster

Being in business can sometimes be a bit like a rollercoaster and when you initially finish the ride you are remember only snippets here and there. You may not be aware of all of the controls that are in place. Some are seen and some unseen. The control room ensures that the equipment is operating correctly. The regular maintenance of the roller coaster to ensure it’s up to date. Then there is the human element, the operators who ensure that you’re sitting correctly in your seat, that the safety harnesses are tight and secure, however before you take off you must double check that the harness is secure and most importantly you bring it to the attention of the safety team if it’s not, because it impacts directly onto you.

The Covid-19  pandemic has meant that the risk of protecting our data and our businesses is now more important than ever, however it is also true that the “Bad Guys” are all out there using the opportunity of disruption to prey on unsuspecting technology users. Artificial Intelligence (AI)  is now being used by the hackers to probe sites that are connected to the internet. In 2020 we have witnessed first-hand the digital revolution or at least its most aggressive period in recent history. Once hackers have identified their target, they then identify how they will extract financial reward. Normally businesses can provide a safe environment for their workers who are all behind a safe Fire Wall, with remote working this isn’t always the case and can be trickier.

The Global State of Ransomware

I attended a recent global event hosted by one of our IT Security partners at Intuity  which reported on the global state of Ransomware. The facts shared were quite startling. The report found that 91% of the endpoint system applications that were attacked by ransomware were PC’s/ laptops followed by 76% Windows Servers. It also found that most businesses felt that it was their Technology Partner that was responsible to ensure they were safe.

My key takeaways from the report were:

  • Businesses need multiple solutions to combat attacks (has your technology partner suggested ways in doing this)
  • Businesses need to prepare and train their front-line defence: their employees (you can never train your employee’s enough about data security)
  • Businesses need to remember that Ransomware hasn’t gone away, so this should be part of every security conversation
  • Businesses need to check that the safety equipment they have in place is still working so just before you embark on the latest project take a moment to check ARE YOU BUCKLED IN CORRECTLY!

At Intuity , we know from the steps we have taken since March when we went into lockdown that even basic levels of security awareness help to reduce the potential for attack. It’s not likely that we’re going to reduce the amount attacks so all we can do is reduce the potency of the attacks. It’s not if- it’s when.

If you would like us to help you assess your risk, fill in the form below and we will be in touch : 

Oops! We could not locate your form.