How our Fortinet SD-WAN solution delivers security at scale

If your organisation is considering SD-WAN (Software-defined Wide Area Network), then effective networking and built-in security should be integral to your decision.

In partnership with Fortinet, QuoStar is one of 15 SD-WAN specialised partners in the UK. We offer a solution that achieves safer, more cost-effective and efficient SD-WAN implementation. Here’s how:

SD-WAN explained

With dispersed workforces, new digital tools and cloud adoption at an all-time high, many organisations are turning to SD-WAN. This virtual WAN architecture brings together existing internet connectivity options, such as MPLS, Broadband, DIA and LTE, to securely connect users to applications, while simplifying the control and management of this connectivity.

SD-WAN solutions help to remove complex and expensive routing, cut down on hardware costs and remove expensive MPLS networks. They can also greatly enhance access to Software as a Service (SaaS) and other cloud-based services and help to minimise downtime.

The issue

However, many available SD-WAN networking solutions have little or no built-in security, which can lead to organisations adding a range of disparate tools to address these risks. This increases capital expenditure, raises complexity and creates potential gaps for cyberattacks.

A fully integrated, secure SD-WAN solution is the best way to ensure effective protection, operational efficiencies, and on-going readiness for evolving network demands.

QuoStar’s SD-WAN solution

Working in partnership with Fortinet, who have been recognised by Gartner as a Leader in the 2022 Gartner Magic Quadrant for SD-WAN for a third year in a row, QuoStar’s SD-WAN solution brings extra security protection and enhanced performance to the existing benefits of SD-WAN. These improvements include:

  1. Protection at all edges

Native security for both on-premises and cloud-delivered services, to provide flexible, secure access for a distributed workforce working on and off the network. Unified orchestration capabilities further provide end-to-end visibility and control of the network environment.

  1. A world-class user experience

Our solution overcomes WAN impairments at all edges using our comprehensive self-healing SD-WAN as well as AIOps and Digital Experience Monitoring (DEM). There are no network slowdowns thanks to our purpose-built security processing units, and application performance is maximised with artificial intelligence and machine learning.

  1. Reduced costs and complexity

Significantly lower operational complexity and low total cost of ownership is achieved with converged networking and security. Our unified SD-WAN solution secures remote workers and on-premises users with consistent policies.

You should investigate SD-WAN if:

  • You’re a largely distributed company experiencing network problems.
  • You’re particularly vulnerable to internet outages.
  • Your internet connectivity costs need to be revaluated.
  • You want to simplify the branch architecture.
  • You’re in the market to affordably expand your company’s network.
  • Your company needs to scale quickly and easily.
  • You would like to enable reliable user experience on any transport with rich routing and advanced WAN remediation for self-healing networks
  • SD-WAN control and management across multiple locations is providing a challenge for businesses with IT resources facing skill gaps

Obtaining a Secure SD-WAN Assessment Report will give you unmatched insight into your current security posture and network activity. Learn more about your network by registering for a free assessment here.

Free SD-WAN Assessment

The cyber-war era: the rapid growth of the threat landscape

cyber security skull banner

 

In this blog we explain what you should be looking out for in the cyber-war era, and how you can best protect the cyber-security of your organisation.

 

The threat landscape is accelerating faster as global tensions grow over the Russia Ukraine conflict. The Cyber-war is well underway, with Ukraine rallying troops for the frontline of the cyber battleground

Cyber-war era: as cyber security threats rise, what should you look out for?

Amid the tensions of early 2022 cyber-attacks were already on the rise, with threat actors targeting both Ukrainian organisations and their government. Although there are still questions around who may be responsible for some of these attacks, Ukraine firmly believes Russian state actors are responsible – and evidence would strongly suggest that is the case.

Since the Russian invasion began in Ukraine on 24th February 2022, businesses and government institutions globally are on high alert for state-sponsored cyber threats – with banks, energy companies and airlines undertaking additional work to strengthen their defences against such attacks. There is an underpinning fear that this could be the new era of global cyber-war.

DDoS attacks

Cyber-attacks on state-owned digital assets such as the Ukrainian Defense Ministry and Military websites increased in February, as they were hit with DDoS (Distributed Denial of Service) attacks, along with two large Ukrainian banks – PrivatBank and Oschadbank. In this case, the websites were flooded with traffic to the point that they crashed, making the websites unusable.

FoxBlade

Microsoft has issued a Security Intelligence advisory about FoxBlade, a novel trojan. This trojan can use your PC for distributed denial-of-service (DDoS) attacks without your knowledge.

Malware

HermeticWiper / FoxBlade (aka KillDisk)

At the end of February, there was the discovery of the new wiper malware that had been unleashed – dubbed HermeticWiper by some and FoxBlade by others. As well the as DDoS attacks mentioned above, it was designed to wipe the hard drives/system storage of the systems infected, corrupting all the data in the drive – making the data unrecoverable – then initiating a system shutdown. It has been found on Ukranian computers, as well as on machines in Latvia and Lithuania.

Furthermore, a “worm component” dubbed HermeticWizard, has been discovered that could be used to spread the HermeticWiper in local networks.

FoxBlade (HermeticWiper) also downloads and installs other programs – including other malware – onto infected systems, Microsoft has advised.

IsaacWiper

Cybersecurity experts identified a second wiper cyber-attack, named IsaacWiper, targeted at Ukrainian governmental networks according to a report on Tuesday 1st March. The second wiper attack was detected on 24th February and is described to be a lot less sophisticated than HermeticWiper.

Cyclops Blink malware

The UK’s NCSC (National Cyber Security Centre) and the US CISA (Cybersecurity and Infrastructure Security Agency) have released details about a new malware targeting network devices, which they attributed to Sandworm – a threat actor previously attributed to the Russian GRU’s Main Centre for Special Technologies (GTsST).

Cyclops Blink is a new piece of malware that targets network devices – supposedly being used by the Sandworm threat actor – a replacement for the VPNFilter malware 2018. The malware collects device information, sending it to a command-and-control server. It can download and execute files, as well as getting additional modules at a later date.

Cloned websites

Researchers have identified a web service hosting cloned copies of websites. A number of Ukrainian government websites were cloned, along with the main webpage of the Office of the President. These sites were filled with malware links, that once clicked, would download on to the user’s computer.

 

What does this cyber-war era mean for nations other than Russia and Ukraine?

 

Whenever one nation launches a cyber-attack against another, it doesn’t just increase cyber risk for the nations involved. It also impacts global cyber risks. The Cyber Attack Predictive Index (CAPI) tool, created by Johns Hopkins Information Security Institute, has hit its highest possible threat likelihood level, at a score of 25 (out of 25) under the current situation.

While the aforementioned attacks aren’t particularly sophisticated, and can be mitigated with the right cyber protection measures, these types of attacks have previously been used as a diversion tactic in order to lay groundwork for more damaging, sophisticated attacks.

Exposure or risk

As the EU, UK and the US impose sanctions on Russia and Belarus there is greater chance of being at risk of targeted cyber-attacks, as retaliations make take place from the Russian and respective forces. Companies across Britain have been warned to prepare for a heightened security risks as the UK placed sanctions on three of Russia’s wealthy allies.

UK organisations have been urged by GCHQ’s National Cyber Security Centre (NCSC) ‘bolster their online defences’ and warned that there has been an ‘historical pattern of cyber-attacks on Ukraine with international consequences’.

According to Laurance Dine, global partner, X-Force Incident Response, IBM, businesses need to start operating under the assumption of compromise, and put in place the proper controls and measures necessary to defend their environment and critical data.

The UK government may well be taking their own measures to defend the cyber security of the nation, as secretary of state for defence, Ben Wallace, told parliament in reference to the National Cyber Force: “I am a soldier, and I was always taught that the best part of defence is offence… What is good for the goose is good for the gander, and that if necessary we could use cyber warfare to give as good as we get back to Russia.”

High alert for the energy sector

This week (28th February 2022) the UK Business Secretary, Kwasi Kwarteng, is holding talks with the chair of National Grid amid anticipation of a surge in state-sponsored cyber-attacks from Russia. A wise move considering that, in a recent report published by IBM Security, the UK’s energy sector was the target of 24% of all cybersecurity incidents in the country last year. It is also thought that Russia was most likely responsible for the SolarWinds and Colonial Pipeline attacks of 2020 and 2021.

We recommend:

  • It may seem obvious but evaluate the controls you have in place against cyber-attacks, particularly ransomware.
  • Pay close attention to the news cycle in relation to this situation.
  • Pay attention to the types of attacks that are coming through via security feeds.
  • Keep everything patched.
  • Watch out for any suspicious traffic that may be coming from outside of the country.

At QuoStar we are committed to helping you and your business remain secure. Our experienced industry professionals are here to give you measured and realistic advice.

Evaluate your protection against currents risks, book a complimentary initial cyber security review session with our Head of Security David Clarke.

 

Cyber Security Post Covid: How to protect against attacks

Cyber Security Post Covid

 

Businesses have done a phenomenal job to keep going throughout Covid to keep people working from home, and at the same time building in those layers of security as they go. However, as this new norm sets in, there needs to be more security in place for the post covid world.

 

Working from home needs additional cyber security post covid

 With people working from home, it is important to realise that there are now layers of security your company can’t easily control. Although there has been an inherent layer of security during covid because people have had to work at home, rather than working out and about in cafes and public places.

We recommend giving guidance on these issues to staff as they may not realise that their homes aren’t as safe digitally as they might think they are. Training helps, and it is essential. It’s also essential for organisations to undertake risk assessments of their new agile/remote working environments.

 

Things you should be considering:

Home environments are a business environment

If you want to breach a corporate network, then you seek out the weak links. People themselves, and home networks/devices are without a doubt weak links that need protecting.

Review your remote working environments

It’s essential that security risk registers and controls are revisited regularly. It’s also important to perform regular penetration tests.

Are the roles now paperless?

Do we need collection of classified documents for shredding?

We are sharing screens more

We need to be cautious about what we are inadvertently sharing.

The use of smart speakers and technology at home

We all know of Alexa, but there are hundreds of varieties. They are all managed by different countries using different clouds. They are recording all the time. IoT and AI are likely to further erode the privacy and autonomy of users.

 

Avoiding successful attacks and creating better cyber security post covid, the short answer…

 

Before you hide, go seek!

The biggest key to it all: do you know where all of your data is?

Layer it up

It’s essential that you rely on all 7 layers of cyber security post covid. You can’t just have one control to stop a threat, just as having antivirus software will not protect you from getting a virus. The same way locking a door won’t stop someone burgling your house. It’s best to apply the Swiss cheese model of risk management.

It is much cheaper to get your security layers in there first. The layers don’t need to be expensive, just suitable, with good architecture.

Encryption

Your data, particularly sensitive data, needs to be protected whilst traveling over non-corporate networks and whilst at rest – sat on a server, the cloud, a mobile or on a laptop.

Work with what you’ve got

Most companies, even big ones, don’t have the budget or endless resources to do everything, the key is optimising what you have got. A simple one, privilege management – what are the entry limits to your digital technology?

Know your risks

It’s essential for all businesses to have a risk register, however large or small. If you don’t know all the risks your organisation faces, how can possibly ensure you are protected against them? It’s negligent to not do so. It’s important that board understands and signs off risks, and doesn’t just leave it to IT. Ask yourself what are your risks to cyber security post covid.

Monitor everything

It’s essential that you monitor all network attached devices for anomalies. If you aren’t looking you aren’t going to see a breach until it’s too late. Many organisations don’t know they’ve had a breach until months after.

 

Business Continuity has been put to the test

Covid has made us test all major categories of business continuity. A few years ago, we’d test things like ‘building unavailable’. Businesses have been put into the real-life working situation of no building available, no public transport, fewer staff numbers and sick and absent staff. We have been hit with all the major categories of business continuity at the same time.

A shortage of senior cyber-security professionals

However, with a global shortage of senior cyber-security professionals, coupled with the prohibitively expensive costs of retaining a full-time, dedicated expert, many businesses may struggle to access the appropriate level of support required.

QuoStar designed the CISO Service to address this problem.

Businesses get access to a dedicated Chief Information Security Officer who will provide senior security leadership and take responsibility for identifying, controlling, and managing risk. Making sure the business’s security posture is strengthened.

Get in touch to find out more here.

 

 

A flexible CISO service for SME’s

Flexible CISO service to the on-demand market for SME’s

The flexible CISO service by QuoStar can help SME’s navigate the ever changing cyber-security landscape.

Cyber crime is changing quickly, it’s a global issue and its ramping by the day. The cybercrime industry is on-target to cost the world $6 trillion in 2021 and is forecast to cost $10.5 trillion by the end of 2025. Everyone is under threat. From the individual sat at home on their iPad or mobile phone, through to small, medium, and large-scale enterprises – even countries! 

So how do mid-market and smaller organisations protect against the clear and present dangers? Cyber Essentials? Without a doubt, cyber essentials ‘does not’ make you secure – it is the absolute bare minimum you need to be doing; look at it like locking the doors to your house. It is the same with anti-virus and firewalls – they are no longer enough. 

  • Does the board and IT team really understand the true level of risk they face in every area of the organisation?
  • How are those risks to evaluated and controlled?
  • Can they make the right budgeting decisions? 
  • How do they respond if there is a breach?
  • How do you do deal with regulators, such as the ICO (Information Commissioner’s Office)?
  • Is their security stance continually improved?  

That’s where QuoStar’s flexible CISO service comes in

As a Leading IT consultancy, QuoStar is offering you access to an on-demand CISO (Chief Information Security Officer) service that can provide organisations with flexible and cost-effective access to senior cybersecurity leadership as and when they need it – from a fully seasoned professional.  

Our on-demand service provides clients with ongoing senior IT leadership and guidance on cybersecurity strategy, management, and response from a certified and experienced CISO. They will be able to identify, control, and manage the multitude of threats and challenges businesses face in today’s rapidly changing security landscape from the get-go.  

The on-demand service operates in close partnership with senior business leadership and IT teams to ensure both parties hold the relevant responsibilities and accountabilities. They will also help to run and implement Information Security Management Systems, such as IASME or ISO27001. This facilitates enhanced security governance, compliance, and ongoing continual improvement of an organisation’s security position. 

The flexible CISO service is led by QuoStar’s Head of Security, David Clarke, who has over 25 years of experience working in cybersecurity, formerly as Global Head of IT Security at BT and other FTSE100 companies. David currently oversees the development, implementation, and support of QuoStar’s clients’ information and security-related risks. 

 

David Clarke - Chief Information Security Officer at QuoStar

David Clarke, comments:

“As a result of the pandemic, company boundaries have become much more fluid. So many employees now work from home. It’s not always clear what belongs to the company and what is personal. Businesses are now having to manage different servers, cloud services, and access control issues. Their technology needs to be safe and compliant in all these areas before it can be performant.  

“Organisations need to adopt a multi-layer approach to security to manage these risks effectively, but that can be costly. With our on-demand service, however, businesses can truly afford to get the best protection possible, without putting undue strain on the bottom line.” 

The on-demand CISO service follows the successful launch of our on-demand CIO (Chief Information Officer) service earlier this year. Our on-demand CISO service has already seen a rapid uptake of interest, with several businesses already taking advantage of the offering.  

 

Robert Rutherford CEO at QuoStar

Robert Rutherford, CEO at QuoStar, comments:

“We are delighted to add the CISO service, alongside or CIO service. QuoStar gives mid-market and ambitious smaller businesses access to top talent at the level they need. We’ve always been passionate about delivering measurable business outcomes to our clients. Our aim is to reduce risks and improve the bottom line. 

We’ve always taken IT security extremely seriously. We have always kept up to speed with the technical controls to IT security risks. The evolution of the risk landscape, accelerated by COVID and the rise of hybrid working means we need to implement enhanced IT security governance into our wider client base. Relying on technology just doesn’t cut it any longer – organisations need to be proactively managing risk, continually.” 

 

Find out how your business could benefit from our CISO Service why not get in touch? Or request a free online consultation from our team today.  

 

Get more than basic cyber-security protection

more than basic cyber-security protection

 

Work towards achieving Cyber Essentials Plus and put in place these 7 security measures.

Want more than basic cyber-security protection for your business? If you already have our 9 Steps to combatting cyber-threats in place and you’re Cyber Essential certified, you’ve made a good start. But if this is all you have, then for proper security there are still a few more steps you can take to safeguard your business. Cyber-crime is £1 trillion industry for cyber-criminals.

After getting the basic accreditation, you can work towards achieving Cyber Essentials Plus. This is a similar experience in achieving the basic Cyber Essentials accreditation. The difference is that it deals with security at a higher level and demands more rigorous policies and practices to be in place.

How else can you secure your business?

Cyber Essentials covers a broad range of topics regarding security and so will likely cover most of your basic security needs. But we also have a brief list of some security systems and techniques which are worth looking into. Or, if you’re looking to get the best level of cyber-security we recommend our CISO service.

 

ISO 27001 ACCREDITATION

ISO 27001 is an internationally recognised certification you can get which proves your cyber-security is at a high level. It can be used as a compelling point for people to choose your business over competitors.

 

STAFF SECURITY TRAINING

Employees are often considered to be the weakest link in the cyber-security chain. But with regular training, they can become one of the strongest as they are able to spot and prevent threats.

 

WARM AND HOT STANDBY

Because of the rising cost of an outage, getting systems back online quickly is vital to prevent minute by minute money from burning. The rise of virtualisation and the cloud has made disaster recovery and business continuity a much simpler and cost-effective venture than before. It’s worth considering.

 

MULTIPLE CONNECTIONS

With connectivity being so critical to a firm, it’s essential to have backup network and Internet connections to prevent a failed connection from leaving the firm isolated from clients and the wider world. Multiple firewalls and/or routers are also recommended.

 

SECURING THE LAN

The LAN has previously been left relatively unprotected but it’s now imperative that you secure the internal network to restrict access from undesirable third parties. You also need to secure any wireless or virtual networks to stop a single breach from creating an open door across the entire firm.

 

MOBILE DEVICE MANAGEMENT (MDM)

Bring Your Own Device (BYOD) is a popular policy, but it’s also dangerous without the correct measures in place. Procedures need to be set up for when a device is lost or stolen or when an employee leaves the company. Don’t adopt BYOD for the sake of it, do it for an important reason. And if employees do need personal devices, look into Choose Your Own Device (CYOD) as a more secure alternative.

 

DATA LEAK PROTECTION

In order to implement an effective data leak protection policy, you need to really understand what data you have and the risks you face. Only then can you really begin to implement the correct controls. These will vary from sector to sector but should include things like portable encryption, endpoint protection, email content control and intelligent firewalls.

 

In short, put in place more than basic cyber-security to stay ahead of the game. Stop those cyber-criminals in their tracks with a good level of protection for your business.

 

Any questions about either of the Cyber Essentials accreditations? Read our FAQ on the subject.

Get more advice on achieving the best levels of cyber-security – contact our team today.