Konica Minolta warns that around 90% of SMBs are risking significant fines and reputational damage through serious IT vulnerabilities and data management weaknesses. The statistic comes from the company’s managed IT support services, giving a snapshot of the potential dangers to IT security amongst UK organisations. Francis Thornhill, Head of Customer & Solutions Marketing, said: “Security compliance is a key area of our assessments and whilst some businesses have seen good results, many others are lacking the right protection which is concerning – and 90% had at least one significant gap. Potential liability is an area that no business wants to face. One business we worked with was potentially facing £15m of fines, whilst another was risking an eye-watering £35m had it fallen foul of the regulator before making our suggested changes. Yet fines are only really part of the risk to business – the greatest risk is damage to trust and reputation with customers as well as complete business operations failure if systems and data can’t be recovered.” Konica Minolta’s findings are amplified by statistics released by the Department for Digital, Culture, Media and Sport (DCMS) that reveal 68% of medium-sized UK firms suffered a cyber security breach or attack during the past 12 months. www.konicaminolta.co.uk BULLETIN IT and data compliance issues Gaps in zero trust implementations Fortinet’s Global State of Zero Trust Report reveals that while most organisations have a vision of zero trust or are in the process of implementing zero trust initiatives, more than half cannot translate this vision into the solutions they are implementing because they lack some basic core fundamentals of zero trust. The report illustrates some confusion about what comprises a complete zero trust strategy. Respondents indicated they understand zero trust (77%) and ZTNA (75%) concepts and over 80% reported already having a zero trust and/or ZTNA strategy in place or development. Yet, over 50% indicated being unable to implement core zero trust capabilities. Nearly 60% indicated they do not have the ability to authenticate users and devices on an ongoing basis and 54% struggle to monitor users post-authentication. This gap is concerning because these functions are critical tenets of zero trust and it brings into question what the actual reality of these implementations is across organisations. www.fortinet.com 40 billion records exposed According to research by Tenable, at least 40 billion records were exposed worldwide in 2021, a considerable increase on the same period in 2020, which saw 730 publicly disclosed events with just over 22 billion records exposed. The analysis is detailed in Tenable’s 2021 Threat Landscape Retrospective report which includes an overview of the attack path and vulnerabilities threat actors favour, plus insights that will help organisations prepare to face the oncoming challenges in 2022. Ransomware had a monumental impact on organisations in 2021, responsible for approximately 38% of all breaches and 6% of breaches were the result of unsecured cloud databases. “Migration to cloud platforms, reliance on managed service providers, software and infrastructure as a service have all changed how organisations must think about and secure the perimeter,” said Claire Tills, Senior Research Engineer at Tenable. “Modern security leaders and practitioners must think more holistically about the attack paths that exist within their networks and how they can efficiently disrupt them. By examining threat actor behaviour we can understand which attack paths are the most fruitful and leverage these insights to define an effective security strategy.” Staying on top of patching assets is difficult enough given the sheer volume of disclosed vulnerabilities, but in 2021 it was even more challenging due to incomplete patches, miscommunications from vendors and patch bypasses. In 2021, there were 21,957 common vulnerabilities and exposures (CVEs) reported, representing a 19.6% increase over the 18,358 reported in 2020 and a 241% increase over the 6,447 disclosed in 2016. From 2016 to 2021 the number of CVEs increased at an average annual percentage growth rate of 28.3%. www.tenable.com Virtual reality investment increases Analysis by institutional stockbroking company Arden Partners reveals that £154m worth of capital flowed into the private virtual reality sector compared to less than £90m in 2020. This was driven by an unprecedented surge of investment in Q4, with the £72m raised smashing the previous record of £46m in the final quarter of 2018. In a report released in late 2021, Arden said the rise of virtual spaces, where players can create new environments to explore with other people through online avatars, has prompted technology conglomerates such as Facebook to hire thousands of employees to work on their development and focus on becoming leaders in the virtual reality space for consumer and professional services. www.arden-partners.com The dangers of exposed personal data A survey by cybersecurity company NordVPN revealed that Brits are mostly worried about their financial transactions (77%), stored personal pictures (36%), and files as well as links shared with others (31%) being made public. Besides that, almost a third (28%) are afraid of exposed online conversations as well as browsing history (27%). www.nordvpn.com 01732 759725 4 Francis Thornhill
RkJQdWJsaXNoZXIy NDUxNDM=