Prevention or Mitigation by Nick Matthews

Cyber-crime is a threat to all organisations and it’s on the rise. Cyber criminals are developing more advanced ways to attack organisations no matter how big or small. But with thousands of malicious threats to our data security every day, what’s better – prevention or mitigation? In my option both are equally as important and you need a careful balance of the two to truly protect your data.


Let’s start with prevention. If you don’t get prevention right from the outset, there’s no chance you can mitigate security risks later on.  Threats can come in many forms but some of the most common threats of late are Adware, Ransomware and Spyware. If businesses do not have the tools in place to prevent attacks from these threats, they are at risk of being targeted by cyber criminals.

Cyber criminals are currently operating through exposed networks that offer them open doors to business data. And that’s a problem when data is at the core of everything we do. It’s even more important in light of recent changes in the law and the implementation of GDPR guidelines. The effects of such data breaches can have massive implications for organisations. This includes decreased operational performance, financial loss and tarnished reputations. This is bad news for any business.

It is vital that businesses act and ensure that they have appropriate measures in place today, before tomorrow becomes a problem. But what can you do to keep the criminals at bay? It’s here where prevention prevails, and what’s worse, is it’s so simple – protect your network! And with easy to implement options available at little cost, such as external DNS layer protection, firewall’s and anti-virus/malware, there really is no excuse.


DNS layer protection protects your network externally and stops malicious traffic in it’s tracks before it reaches your network. It works by monitoring the internet to uncover emerging threats at the source. Once a possible threat is identified, it is then blocked at network level. This is generally a cloud-based solution, meaning it’s easy to deploy whilst being an effective way to increase the protection of you business and it’s users in minutes.


Using a firewall is a fundamental requirement that offers protection for your business. They are used to control and secure inbound and outbound traffic seamlessly. Again, this is preventing the threat from ever reaching you. If you get this bit right, mitigation doesn’t even have to come into play. Some firewalls have optimised security features such as intrusion prevention and advanced threat protection too, so if the cyber criminals come calling, they’ll be digging their way out super-intelligent traps. Exposing your users to the outside world without the use of a firewall is massive risk and one that’s not worth taking.


So you’ve got anti-virus and you’ve sorted malware. Tick. But it’s a year old and out of date … massive no no! Up to date anti-virus and malware software is key. This keeps end-user devices including desk-based PC’s, laptops and servers up to date and the rest of your security solutions in tip top condition. If businesses fail to protect these end-users and provide up-to-date security patches, this can create a ‘hole’ in your security. This provides a golden ticket to your most important data. And once cyber criminals have got that, they’re in an incredibly powerful position, while you’re forking out thousands.


Mitigation? It is just as important and it’s so simple. Businesses can adopt all the data security methods in the world, but there is ALWAYS one very important thing to remember, the residual risk is that pesky end user! Here’s the scenario. You are the business owner. You have heavily invested in products and employee time to protect your network from cyber criminals that want your data. Jane in Accounts returns from a lovely holiday in Gran Caneria and is dying to show everyone her lovely holiday photos that she’s been banging on about.

Out comes the USB. Jane puts it in the PC, ready to show the world and his her pictures. Jane doesn’t realise that the USB she shares with her children for school work and files that have been shared amongst her friends is RIDDLED with malware-infected files. Malware is now introduced to your expensively protected network. But even with all the measures you’ve put in place, you’ve been compromised and your data is at risk. This is how easy it can be and throughout my career, even to this date, this happens far too often.

So how can we mitigate this? There are many options available that allow you to do this including password policies and disabling USB drives. But the most important, and often forgotten, way to do this is to improve user awareness of the risks around cyber security.


It is essential that you ensure your staff are vigilant and aware of potential threats, especially when it’s so easy to be caught out. Many organisations neglect this and end up with their data being help ransom, sold and even worse, deleted forever. You can sign-up to online schemes like Cybsafe which cover all of the fundamental elements of business security. This tests your staff on key threats that they could be faced with in the event of a security attack. So next time an employee gets an email from a cyber criminal asking for their details, they’ll know what to check, how to report it and ultimately, how to avoid it altogether.


You would be surprised how many companies and businesses don’t have a basic password policy in place. Yet this is crucial in securing our systems, data and devices that we use daily. And while guidance is given on passwords, it is advised that we change them regularly to keep cyber criminals on their toes and increase password protection. But not all organisations see the value in this and in trying to save their users time and effort by doing this, they cost themselves an arm and a leg.


Using a combination of hardware and software security features you can lock devices so they only run trusted applications. You can manage and define these in your IT Policies. So if an app isn’t trusted, it won’t be able to do anything at all. This also means that even if an attacker manages to compromise devices, they are less likely to be able to launch malicious codes.


For businesses to be able to actively rely on the data security they have in place, they must use a combination of BOTH: prevention AND mitigation. One without the other leaves serious gaps in your protection. This can lead to you paying the ultimate price, especially with hefty fines for the slightest of data breaches. You can no longer afford to put data security at the bottom of your list. You must act now to prevent malicious attacks accessing important data and train your staff to be more savvy so cyber criminals can’t cash in on rookie mistakes.

Need more information?

For more advice and tips on how to keep your business secure, get in touch with our team of experts who can suggest the best way to protect yourself, whatever your budget.



Pin It on Pinterest

Share This