Wbg calls for proactive cyber security measures after major breaches

Kevin McDermott

In the wake of high-profile cyberattacks on Marks and Spencer and Co-op, accountancy firm Wbg has highlighted the importance of SIEM (security information and event management) solutions as part of a robust third-party SOC (security operations centre).

Kevin McDermott, senior IT auditor in Wbg’s internal audit team, said the recent cyberattacks show that organisations should recognise it is a matter of “when” rather than “if” they will be subject to a cyberattack, given a threat landscape in which a multitude of bad actors have access to sophisticated technology.

“Organisations need to expect a cyberattack and be prepared for it,” he said. “Are they able to recover from an attack? Do they have a robust back-up and disaster recovery solution? Are their back-ups ‘air-gapped’? Are they immutable – so that they can’t be affected, even by ransomware? What about their cyber incident response plan – do they test it regularly?”



Mr McDermott suggests organisations consider SIEM solutions providing real-time monitoring, threat detection, and analysis, along with a SOC to help provide expert incident response.

He said: “Software and services such as these are not inexpensive, and we understand that they won’t fall within the IT budget of every organisation we engage with. However, we advise that organisations undertake scheduled vulnerability scans of their networks, both internally and externally.

“Regular PEN tests – or penetration tests – would allow trusted third parties or ethical hackers to test for vulnerabilities on an organisation’s external network defence.

“Ultimately, protection against cyberattacks comes down to an organisation’s staff being its first line of defence because you can have all the technology at your disposal and still be vulnerable if your staff are not trained regularly on how to look out for and deal with cyberattacks.”

Mr McDermott advises firms to access the website of the National Cyber Security Centre (https://www.ncsc.gov.uk/) and follow its 10 steps to cyber good governance.
