In our first Spotlight feature of 2022, we speak with Philip Ridley, a Principal Consultant at our Trusted Partners, IntaForensics, to get his thoughts on cyber security, best practices, risks and threats and working through a pandemic!
First of all, let’s do introductions. Tell us who you are and a little bit about your role within IntaForensics...
My name is Philip Ridley and I’m a Principal Consultant at IntaForensics. My role is split between looking after our Cyber Security services team and helping customers with their security challenges.
What, in a nutshell, does IntaForensics do? And how do you help people/clients?
IntaForensics has three main areas we focus on: Cyber Security services, Digital Forensic Investigations and Software Development. Our cyber security offering covers a wide range of offerings including Incident Response, Penetration Testing, Cyber Essentials and IASME, as well as helping clients through PCI DSS (the credit card data security standard). You could distil that into helping people both proactively and reactively with their Cyber Security requirements.
Why would a business come to you for help, and how would you help them?
In my role we tend to get a split of customers; some have experienced a Security Incident and need help with responding to and containing the incident, other businesses are looking to be more proactive and are looking for help to improve their security posture.
When responding to incidents, the team help get the situation under control, identify what has happened and how the attack was possible. Once we know this, we can then advise and assist with any remedial actions to help secure the customer’s environment to ensure that those weaknesses can’t be exploited again.
Where a business is looking to improve their current security posture, we take a holistic approach and take time to understand the customer business, their motivations for looking at security and help to review what ‘good’ looks like for their company. We like to make realistic recommendations that will deliver genuine results - not just a box with flashing lights that does nothing!
What, in your view, are the biggest cyber threats to companies right now?
The massive increase in remote working we have seen over the past two years has really been a challenge for a lot of businesses. It has really opened up the security perimeter and made the attack surface of a business a lot larger than it was previously.
The thing that keeps most customers awake at night is the threat of ransomware, and we have seen a lot of instances of ransomware attacks specifically targeting systems for supporting remote working such as VPN and Remote Desktop services.
Having said that though, the ‘old favourite’ of Business E-mail Compromise is still quite prevalent, but with a subtle shift in attacker behaviour again driven by remote working.
Given how rapidly cyber security threats emerge and change, it can be hard for companies to keep up. What message do you have for businesses that are looking to boost their cyber resilience but are struggling to know how and where to begin? Does Cyber Essentials play a role in their cyber hygiene?
Don’t panic! You are quite right that the threat landscape is ever evolving, but by starting with the basics you can protect your company from the vast majority of threats that are out there.
That is why Cyber Essentials is such a great starting point for businesses, it focusses on getting the core elements of security in place and acts as a base on which to build a more mature security programme.
A lot of people consider cyber security to be rather complex. Just how difficult is it for businesses to boost their resilience to online crime?
Cyber Security does have a reputation for being a complex topic, because naturally it can involve a lot of technical jargon and require in-depth knowledge of networks, software development and other IT systems.
But the reality is that you don’t need to be an expert on any of the technical areas to protect your business from online threats. Again, by following some basic security principles and making sure they are applied consistently throughout your organisation you will protect yourself from the vast majority of common cyber threats.
Where should cyber security rank on a company’s list of priorities?
In an ideal world, I would say at the top, but I suppose I’m somewhat biased! In all seriousness, as virtually all businesses nowadays have some sort of interaction with IT systems it really does need be considered a high priority for any kind of business.
If you were to stop and think about how your company uses IT and what would happen if you weren’t able to access those systems that would give you some idea of what the impact of a cyber security incident could be for your business.
Why do you think some companies are reluctant to invest in cyber security?
There is an assumption by some companies that cyber security involves spending money on new software or hardware in order to make you ‘secure’. It is also difficult to rationalise the benefit from investing in cyber security, 'if we haven’t had any issues previously why do we need to worry about it?'
The reality is that you don’t have to spend vast sums to make your business secure, most vendors now offer security tools for free that are perfectly capable of helping protect your business, and you’d be surprised what we’ve been able to achieve by reviewing customers' existing hardware and simply configuring it to work to the best of its capability.
Of course, you can spend money on the latest and greatest tools, but that’s not appropriate or necessary for every kind of business out there.
Arguably the most challenging element of cyber crime is the fact that threats are constantly evolving. Do you find it hard to keep up?
It can be a challenge sometimes to stay on top of everything that is happening out there, especially with such a diverse range of cloud providers, software and hardware vendors.
We have a good system set up internally that allows us to aggregate information from various sources and share it with the team, there are also some great weekly digests that you can sign up for that really help us stay on top of everything.
Do you think the pandemic has changed how you work within cyber security? Have you noticed any major changes to people’s attitudes, methodology or behaviours during Covid-19?
There certainly has been a change in that there is understandably less face-to-face interaction with customers. Luckily we have still been able to deliver all our services remotely, some of our services such as penetration testing have always been remote so it hasn’t been too different overall.
With regards to people, for some of our customers the shift to remote working was a big challenge especially when trying to encourage staff working practices to be as secure as possible outside of the controlled environment of an Office IT setup.
How has Covid-19 effected IntaForensics? Has it been a challenging time for staff with WFH encouraged and vacant offices? Have you adopted new approaches to working practices, and has this had a knock-on effect to your clients? Or perhaps, after the initial lockdown, it was BAU…
For us, our Cyber Security staff have always had that ability to work from home, so the impact wasn’t too great.
Our Digital Forensics team had to split into shifts to manage the amount of people in the office at any one time, but they really responded well and after the initial ‘shock’ of lockdown the system was very effective and didn’t impact any service delivery for our customers.
As mentioned before, the biggest difference was the change in visits to customer sites, but as with everyone else online meetings were used as a substitute.
You work closely with the East Midlands Cyber Resilience Centre. What are the benefits to businesses to signing up to the free core membership that they offer?
The East Midlands Cyber Resilience Centre core membership offers some really valuable benefits to businesses of all sizes. As you mentioned, the core membership is free and gives you access to some useful tools, so if you are looking for somewhere to start with Cyber Security for your business or even looking to improve on what you already have in place it’s a great resource to have access to.
The newsletters, access to the wider services and community can also be beneficial in helping businesses stay on top of the ever-changing world of cyber security.
Before we end the interview, do you have anything else you’d like to impart, whether that be further advice, guidance, or to simply reiterate a point?
I think one of the key things to remember is that cyber security doesn’t have to be complicated and expensive. Start with getting the basics in place and build from there, certifications like Cyber Essentials can be an ideal place to start and is an affordable way to help protect your business and demonstrate to your customers that you are taking cyber security seriously.
Our thanks go to Phillip Ridley for his time and words for this Spotlight feature. You can see the accompanying You Tube video below, and check out IntaForensics on the web and on social media.
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to firstname.lastname@example.org. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).