Call us now Email a specialist
+353 1 6420100 | info@ward.ie
  • Resources
  • Blogs
  • Insights

    Northern Ireland: taking on the rising tide of cybercrime

    Alan McVey, NI business development manager , Ward Solutions - image
    Alan McVey, NI business development manager, Ward Solutions

    Cybercrime is a dominant theme in the global news agenda today. Major data breaches, phishing scandals and downtime of important services constantly grab the headlines.

    The fallout that ensues for organisations at the centre of these hacks and breaches is very costly. Financial loss and reputational damage – as well as the distraction from core business activity – can cause lasting and sometimes irreparable damage.

    TalkTalk’s recent widely publicised breach reportedly cost the company around £35 million and had a deeply negative impact on its reputation.

    The attraction for cybercriminals is clear. Bank account details can be sold for £100 – £150 per account, while credit card details usually go for between £7 – £20. US retail giant Target’s major data breach in 2013 reportedly saw upwards of 40 million credit card details stolen.

    Northern Ireland as a cyber security hub

    Providing effective cyber security is more vital now than ever.

    Northern Ireland is a growing hub in the battle against cyber criminality and has become an important cog in the global information security wheel. Invest NI chief executive Alastair Hamilton has highlighted that more than 9,000 jobs were created in this area during 2014/15.

    Along with Invest NI, this vision is driven by the Queen’s University-based Centre for Secure Information Technologies (CSIT), which aims to be a global innovation hub for cyber security. Since its inception in 2008, the centre has helped to attract more than 100 high-tech FDI and start-up companies in the area of cyber security to Northern Ireland.

    The centre will host its 6th annual Cyber Security Technology Research Summit on the 15th of March, adding another string to Northern Ireland’s bow as a developing cyber security hub.

    Large multinational firms are playing a role in this development – at the end of February US firm Alert Logic announced 88 specialist security positions in Belfast. Rapid7 is another strong example of the kind of global leader that has established a significant presence in Northern Ireland.  Last year, it announced it was opening a software development centre in Belfast, creating 75 highly skilled jobs and dozens of student placement opportunities.

    Northern Ireland is developing as a cyber security hub - image.
    Northern Ireland is quickly developing into a recognised cyber security hub.

    Local influence

    Not all of the success is coming from abroad. Local information security providers like Ward Solutions are growing and making their mark on the global market.

    Ward is the largest provider of information security services in Ireland, North and South. It provides a comprehensive range of services including security auditing, consulting, incident response, secure managed services and software development services.

    Through its 17 years’ experience, Ward has discovered that taking a holistic approach and recognising the ‘information security lifecycle’ is the best way for businesses to stay protected.

    “We work with organisations to fully secure their assets and incorporate an information security lifecycle, which focuses on people, processes and technology,” said Pat Larkin, CEO.

    The company has seen great success with this approach and is in a major growth phase.

    “Recently we announced plans to expand our operations in Northern Ireland and Ireland with a £1.5 million investment,” said Alan McVey, business development manager, Northern Ireland.

    “We have significant plans to grow in Belfast and Dublin both in terms of increasing staff numbers and our diverse client base, which includes SMEs, government departments, state agencies and blue chip companies.”

    Ward recently unveiled its new Security Operations Centre (SOC), which includes best-in-class threat monitoring, risk assessment and incident response technologies and is being staffed by a team of experienced information security engineers and consultants. The SOC has significantly enhanced the company’s core services.

    Looking ahead

    The rising tide of sophisticated cybercriminal activity is showing no signs of slowing down in 2016 and beyond.
    It’s important that Northern Ireland maintains and grows its position as an important line of defence in this constant battle and keeps cybercriminals at bay.

    Insights

    Tick Tock – SQL 2005 end-of-life approaches

    SQL2005 end-of-life around the corner - image
    SQL2005 end-of-life could put your data security at risk.The moment that countless businesses across Ireland and Northern Ireland have been worrying about is right around the corner: SQL 2005 end-of-life. Don’t panic though; there are multiple options available to organisations still running the software. If approached strategically, rather than being a moment of risk, the deadline can present an opportunity to upgrade systems and ensure data security.

    Extended support at an end

    ‘End-of-life’ means the point at which Microsoft will cease offering software support for SQL 2005. That means no more releases, no more security patches, and no commitment to support for any issues that may arise. Since 2011 Microsoft has been offering extended support for the service, providing basic security and service updates but not implementing any design changes. Despite this, countless organisations are still running the data management system and are now faced with the choice of upgrading their systems, adopting another solution, or migrating to the cloud. One thing that is clear is that doing nothing is not an option.

    Without any commitment to support the software, businesses risk becoming exposed– to potential defects which could compromise their solutions or to malicious attacks from hackers which could result in costly data breaches.  All it takes is for one hacker to identify a vulnerability in the system. Through this vulnerability they can jeopardise data security, bring down the system, or, perhaps most worrying of all, use the compromised component as a platform to access other systems within the business. This chink in the armour could have serious knock-on effects, potentially even jeopardising an organisation’s entire ICT infrastructure. Such an incident could also have a serious effect on an organisation’s reputation.
    In addition, business may be in violation of regulatory or compliance obligations, if they continue to use software which is no longer supported by its vendor.

    My organisation still uses SQL 2005 – what do I do?

    The most obvious on-premise option when it comes to selecting a new system to succeed SQL 2005 is Microsoft’s most recent release of the software: SQL 2014. Upgrading presents a great return on investment as the suite offers greater functionality and performance benefits and increased security measures.
    Another option, and one that will no doubt be popular among businesses already embracing the cloud, is to migrate to Microsoft’s popular Azure platform. Azure offers streamline capabilities, global availability and allows scaling according to business needs. And although data security in the cloud has traditionally been a cause of concern for many organisations, Microsoft has gone to extensive lengths to mitigate these security concerns, and provide tools and services within their cloud platform to enable organisations with fine grained security controls of their cloud environments.

    When it comes to matters like SQL end-of-life, database security is paramount - image
    Database security can be heightened by implementing a ‘defence in depth’ strategy.

    Ensuring database security

    Once the new environment is in place, however, it is important not to become complacent about data security. Regardless of which version your systems are on, hackers will always be waiting to take advantage of perceived vulnerabilities in any aspect of your environments. When it comes to ensuring the security of databases there is one phrase to remember: defence in depth.
    It is essential to both strengthen your systems against attack, through the use of firewalls, restricted IPs, least privileges principle, and also to minimise the exposure of your systems by keeping them architecturally appropriately layered. For example,  servers hosting public facing services such as web portals, should not be hosting their databases on the same server, to ensure that should a public facing server be compromised, direct access to your data isn’t automatically exposed.

    Encryption features have been introduced into SQL Server since SQL 2008, such as Transparent Data Encryption (entire database encryption) and Column Level Encryption which can help businesses protect their sensitive data at rest and adds another layer of security to their design.

    There is no doubt that the impending end-of-life for SQL 2005 will present a challenge for many organisations. However, with a definitive migration strategy in place, it also offers the opportunity to implement a robust and secure system, which will ensure productivity for years to come.
    When it comes to end-of-life systems, planning is vital. Reacting when the software has already reached the ‘end-of-life’ stage wastes time and resources, leaving staff struggling to implement and understand new systems while managing their regular workload. Structured planning ensures ease of transition and organisations can assure clients of continuity of service, support and robust data security.

    For industry-leading advice on upgrading existing SQL Server systems or migrating to the cloud, contact Ward Solutions today.

    Insights

    IT security jobs – Ward Solutions is hiring now!

    Ward Solutions is looking to grow its team and has a number of IT security jobs available immediately. If a role in Ireland and Northern Ireland’s leading information security provider sounds like the right fit for you, keep reading.

    Information security jobs available at Ward Solutions - image
    IT security jobs available at Ward Solutions now

    At Ward, we are passionate about turning cyber security into a competitive advantage for our customers and protecting them from any threats and vulnerabilities that could affect their businesses. We’re also passionate about empowering our team members and putting the right structures in place to help them advance their careers.

    We’re hiring for information security positions with a focus on penetration testing, web app testing and vulnerability assessments. The exciting roles are spread across Ward’s Dublin and Belfast offices and are available now.

    We are looking for information security specialists who share our passion for IT security and work in a team environment that focuses on knowledge sharing and collaboration.

    Ideal candidates will have between two and four years’ experience in IT security and a good understanding of networked and mobile computing environments, exhibit strong organisational skills, be effective communicators and demonstrate a willingness to learn new technologies.

    Cyber security jobs at Ward offer a great work/ life balance - image
    IT security jobs at Ward offer a great work / life balance

    At Ward Solutions, we encourage a work-life balance and organise events throughout the year for all staff to get involved in – this could be anything from a simple game of golf to a night out at the races!

    Every month, we host a half-day session, where different information security topics are chosen and a member of the team speaks on them. This gives everyone a chance to catch up, reflect and discuss the latest trends in the ever-changing cyber security landscape.

    Want to know more about what life at Ward is like? Read this blog where Mick Ryan, information security consultant with Ward discusses what it’s like to work at Ireland and NI’s leading information security consultancy.

    If you’re interested in applying for one of these exciting IT security jobs, get in touch with our HR manager Anita Walsh for a chat today. Or, if you’re a recent graduate and heading to Career Zoo, drop by our stand.
    “Working at Ward is a positive and rewarding experience. It’s full of talented people and that has enabled me to grow in my own role and learn and develop my skillsets,” – Mick Ryan, information security consultant, Ward Solutions