Sponsored

SPONSORED - Is your security service and response in expert hands?

Every organisation needs to have the right security posture in place, and a clear plan of action for handling incidents.

01 May 2025

Adam Whittington, Solutions Executive, iqx

Every organisation needs to have the right security posture in place, and a clear plan of action for handling incidents. Adam Whittington, Solutions Executive at iqx, the new tech design, build and operate division of iqbusiness, and Wayne Jones, CTO, Cybersecurity Services at iqx, discuss how to prevent an attack, and how to prepare for a response if the worst happens. “The more prepared you are, the better protected you are,” Whittington says. “Good security hygiene is a multi-faceted process that includes regular penetration testing, patching, vulnerability management, monitoring user behaviour, protecting credentials, and ongoing education. Privileged access management has to be best practice and employees must only be able to access what they need to do their jobs.”

Organisations must have an incident response plan in place that will be actioned as soon as a breach occurs. This must address every element of the breach – isolating the problem, advising staff internally, recovering and restoring data, notifying insurance companies, as well as examining the security logs to prevent the same scenario occurring in the future. This is not a box check exercise. Everyone involved must know the plan, and practise it at least every six months.

Security is a complex and constantly changing field. Because of the complexity, and the rapidly evolving threat landscape, many organisations are outsourcing their security service. Using a managed security provider provides them with a dedicated team of experts who have in-depth knowledge of different industries, environments and technologies.

The weakest link

“With a new client, we begin by conducting an assessment to understand what the maturity levels of the security are, what technology is currently being used, and the security culture and behaviour of employees,” Jones says. “We identify any weaknesses, and then our skilled resources help organisations use their tools correctly to protect their critical assets. We make sure everything is utilised to capacity and only if there is a gap do we suggest an alternative. Because of this, we can assist in making security more affordable. If the client has a tool that will work, we’ll make sure it is used optimally. We never constrain an organisation, but look for a balance between what users require, and what the risk mitigation needs to be.”

Users are often the weakest link. At iqbusiness, there’s a strong focus on user awareness training, and also making sure multifactor authentication is correctly implemented, so that bad actors can’t gain unauthorised access.

“At iqbusiness, part of our background research involves luring hackers into ‘canary’ environments, so we can learn what they do and what they are trying to access. We share this knowledge with all our clients so that everyone benefits. We also monitor the dark web for early warnings of leaks, allowing us to respond immediately if we discover client credentials have been stolen,” Jones explains.

Generative AI is an exciting space, but it’s an area of risk as it creates privacy issues. “Employees need to be educated on which models are trustworthy, and that they should never put company data into a free platform,” Jones says. “We offer an AI data loss prevention facility that monitors what’s copied. User awareness and understanding is critical.”

“Implementing effective security protocols, with the help of a managed service provider, is a rapid journey and it’s surprising how fast you progress,” Whittington emphasises. “At the start, there can be technical issues that need resolving, but once this is done, nobody looks back. We walk the road together with you, and make sure that your organisation is optimally protected and prepared.”.

We’re your go-to™️ for Security Solutions. www.iqbusiness.net