How SAM and Employee Training Can Effectively Combat a Cyber Attack

The media has made us all aware of the disruption a cyber attack can cause to a business’s IT network and Infrastructure. Yet, most businesses do not fully appreciate cybersecurity threats. Particularly small and medium businesses. The best way to protect your business from cyber attacks is with Software Asset Management and Employee Training.

Essential Cyber Attack Safety Employee Training

“TalkTalk hack is ‘wake-up call’, say UK security officials” – Financial Times

“British Gas data leak is third major UK security breach in a week” – Telegraph, UK

“Marks and Spencer website leaks customers’ details” – BBC

Whilst some of the big names rely on cybersecurity companies and experts, there are a number of foundational steps every business can adopt to make their Network and IT Infrastructure safer.

The two most important basic elements to minimising cybersecurity threats are:

  1. Frequent employee training on cyber safety
  2. Managing and Monitoring your IT Infrastructure

Most security experts suggest that the greatest cybersecurity threat facing a business is not training its employees. Accidentally and unintentionally opening a malware from an email, or using weak passwords, and even exporting information into personal devices, will increase the cyber threat substantially, all of which can be avoided and controlled by regular lunch-and-learn type cyber safety training.

Looking for Software Asset Management?

Compare the best SAM solutions in the UK. For FREE.

Search Software Asset Management »

The Areas Employee Awareness and Education Can be Planned Around

Computer Security

Training on how to protect your devices from hackers, scammers, and identity thieves


Training on avoidance, detection, and getting rid of viruses and spyware


Guidelines on how to spot and manage phishing emails/messages

P2P File-Sharing Risks

Awareness of cyber risks whilst sharing information on a P2P network

Wi-Fi Networks

Best practices on using public Wi-Fi zones without exposing personal/business information


Managing and Monitoring your IT Infrastructure

The first steps towards building tight controls over your IT Infrastructure is to access the IT and Information risks with the same rigour as you would with acquiring customers, understanding competition, financial projections and organisational success.

Most companies do not enjoy the right level of support from their board or key stakeholders when it comes to Information Security. Information Security risk involves Employees, Cloud Computing, IT Infrastructure and Suppliers, so getting the buy-in from the leaders of your organisation is a critical factor for success.

Once you have mapped out the key risks, the next step is to document your Information Risk Management Guidelines. As with most elements within your organisation, communication plays a vital role in spreading awareness and educating your organisation on following the information management guidelines.

The 8 Areas of Focus for Managing your IT Infrastructure

1. Secure Infrastructure Configuration

Your IT infrastructure should be developed to secure baseline builds. Manage system configuration by each department. Disable any unnecessary features from your Information Systems and keep them patched against known bugs or gaps. Failing to do this will expose your business to threats and vulnerabilities, and increase the risk to the confidentiality, integrity and availability of systems and information.

2. Fundamental Security of Your Network

Only connect to trusted networks. Adopt well-proven and validated network design protocols to configure your network perimeters and internal network segments. All network devices should ideally be configured to the secure baseline build (this can be challenging if you have a Bring Your Own Device (BYOD) policy).

The Network Perimeter is the right place to filter your required traffic. Another fundamental principle is to monitor your traffic for unusual or malicious activity—often these
are signals of attack or attempted attack.

3. User Privileges Management

Simple and Sufficient are the two principal themes when it comes to the management of user privileges. Avoid having multiple templated user privilege accounts by user type – Manager, Senior Manager, Director, VP etc. Avoid the complexity with simple and effective templated privileges. Common protocols, like ‘software installation, can be only be administered by the IT team’, should be adopted.

Multiple walls should be built around access to sensitive information. Any access/attempted access to unrequired or sensitive information should be tightly monitored.

4. Incident management

Your incident response team should be able to tackle a full range of incidents. The best way to keep on top of your incident management is to test them regularly (testing should reflect real-life scenarios and should not be treated as a formality). Specialist training is required in most cases to properly manage incidents and disaster-related situations.

5. Malware prevention

Typical entry points for malware are email, online browsing, removable media, client machines and personal devices. A strong policy as well as good monitoring of activities is essential. Well-proven anti-virus systems to actively scan for malware for all your incoming and outgoing traffic are a must.

6. Monitoring

Monitor all your systems using Network and Host Intrusion Detection Systems (NIDS/HIDS) and Prevention Systems (NIPS/HIPS). Adapt your monitoring policies based on previous incidents and intelligence. Use reports and stats on security threats like botnets, hacking, trojans, denial of service (DoS) attacks and information leakage.

7. Removable media controls

Data transfer to removable media should be avoided. Where this is not possible, provide devices that are monitored and managed by the businesses. Monitoring becomes a challenge in such situations so it is highly recommended to adopt a no-data-transfer policy.

8.Home and mobile working

Connecting via VPN for mobile working situations should involve multiple security layers. Secure Remote Working training sessions should be arranged frequently for remote/mobile employees.

There is no doubt that most of the above require extra resources and time, but it will be cheaper than managing a post-cyber-attack situation. An easier way to manage most of the above tasks is to implement an effective Software Asset Management (SAM) or IT Asset Management Software. You can shortlist, review and compare UK-based SAM Software options with our tool.