Data Centre Security: Protecting Infrastructure from Physical and Cyber Threats

New Zayo report analyses trends in DDoS attacks from 2023

Zayo Group, a global communications infrastructure provider, has released its annual Distributed Denial of Service (DDoS) Insights report, which found a significant increase in the intensity of DDoS attacks and their impacts on businesses in the second half of 2023. According to new Zayo data, the average DDoS attack lasted 68 minutes in 2023. With unprotected organisations shelling out an average of £4,700 per minute of each attack, that totals a startling £325,000 average cost to businesses for DDoS attacks.  A key driver to this enormous cost was the steep rise in the duration of DDoS attacks throughout the year. The average length of attacks surged by more than 400% from Q1 to Q4 of last year — from an average of 24 minutes to 121 minutes — signalling a worrying trend from both security and cost perspectives. The astonishing volume of DDoS attacks in the first half of 2023 – up 200% from all of 2022 – seemed to have contracted in the second half of the year. Across all industries, comparing Q4 to Q1 2023, companies saw a 16% increase in attack activity. The outlook isn’t exactly rosy, however, volumetric attacks are being replaced by multi-vector attacks, spreading destruction more widely by targeting individual IP addresses, email systems, databases or web browsers, which are much harder to detect. "What we’re seeing is that cyber crime is only getting savvier,” says Anna Claiborne, Senior VP of Network Connectivity at Zayo. “AI is presenting itself as a double-edged sword in this space. On one side of the blade, criminals are using AI to increase the sophistication of attacks and circumvent traditional defence mechanisms; on the other, mitigation platforms are using AI to dynamically identify and defend against new and emerging threats. As DDoS remains a profitable model for cyber criminals, attacks will continue to be a brutal inevitability for businesses. But luckily, DDoS protection is also rising to the occasion." Key findings by the industry: Telecommunications companies experienced the most frequent attacks, comprising about 40% of total attack volume with nearly 13,000 attacks in H2 2023. Retail and healthcare companies experienced the largest attacks in H2, with an average attack size of 2.5Gbps across companies in these two industries. Government entities once again experienced the longest attacks with the average attack duration increasing from four hours in H1, to 18 hours in H2, increasing by 322%. This is a 1,141% increase from Q1 to Q4 of 2023. Educational institutions accounted for 17% of all attacks last year, thanks in part to the ease and affordability of botnet-for-hire services combined with frequent gaps in the cyber security of the institutions.  Why it matters: DDoS attacks are here to stay, and cyber criminals are not discriminating over an organisation’s size, industry or business model. These attacks cost organisations thousands of dollars per attack, not to mention reputational harm and customer churn, and many of the factors contributing to a vulnerable environment, such as increased digitisation, political unrest and hybrid work, are not going away anytime soon.  The sheer sophistication of these attacks, which are meticulously planned to hit during a business’ busiest time of day and often utilise automation, like bots, to make it easier, makes it a crucial time for organisations to have advanced, forward-thinking DDoS protection. For every company, it is not a matter of if, but when. “Most people on the internet aren’t plotting a DDoS attack, but the internet is a big place and Dark Web crime is the fastest growing business on earth,” says Eric O’Neill, National Security Strategist at Carbon Black. “We’re in an attacker’s market and they are leveraging sophisticated technologies and cutting-edge techniques to innovate the way they deceive, disrupt and destroy our most critical data. To stop the attackers from gaining the upper hand, we need DDoS protection that is as easy and effective as turning on a switch.”

Invicti Security and Mend.io bring full-spectrum of AppSec testing

Invicti Security and Mend.io have announced a partnership to bring the full spectrum of application security testing and supply chain security tools to customers. This partnership pairs Invicti’s DAST, IAST, and API Security domains with Mend’s SAST, SCA and Container Security solutions, to give customers full code coverage and continuous security. Balancing development speed and innovation with the best cyber security practices is critical for companies building and deploying software, particularly as bad actors are increasingly creative and agile in their attack methods. A complete stack of AppSec testing tools that prioritise accuracy and scale are necessary to ensure teams can keep pace with both release schedules and security needs. “The rising number of security vulnerabilities in software results in an ever-changing attack surface, presenting a major challenge to organisations in maintaining and improving their security posture,” says Alvaro Warden, Director of Global Channels and Partnerships at Invicti. “To manage this challenge, companies must have a comprehensive solution that provides speed, accuracy, and coverage in their application security tech stack.” Invicti and Mend.io saw the opportunity to jointly support customers last year through partner opportunities. They continue to see growing demand for the joint, full-spectrum AppSec testing solution as cloud-native software development is shifting risk attention from the network to the application level.

How to prepare for increasing cyber attacks on critical infrastructure

By Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea Today, everyone is well aware of the widespread and serious nature of cyber threats. Cyber criminals have infiltrated almost every sector, from banking to healthcare to government departments. And as the years go by, we see increasingly sophisticated and harmful attacks happening. However, while personal data and financial privacy remain top concerns in the public’s mind, there are other targets in the crosshairs of cyber criminals that pose an even greater threat to society – critical infrastructure.  How is critical infrastructure being impacted by modern cyber threats? Critical infrastructure attacks are becoming a major concern for the safety of people worldwide. A 2022 report from Waterfall Security states that major sectors like energy, utilities, and transportation experienced over 150 cyber attacks last year, representing an alarming rise of almost 150% from the year before.  Cyber criminals, using methods like ransomware and DDoS attacks, are focusing on essential systems that maintain the well-being and security of communities. As more public services organisations and government agencies digitise their operations, the risks of these types of attacks are only going to continue to rise. Fighting back: How organisations are protecting critical infrastructure Awareness and action are two primary factors contributing to critical infrastructure organisations fighting back against modern cyber threats. Below are some key actions that need to be taken by organisations to reduce the risks of major operational disruptions due to cyber attacks: Adopting a proactive approach to cyber security Not having proactive security measures in place is a major risk within critical infrastructure systems. This not only includes taking the time to audit and test systems for potential weaknesses, but also putting more priority into budgeting and allocating resources to cyber security.  Focusing on network segmentation Because of the amount of data and interconnected systems that make up critical infrastructure operations, there are wide attack surfaces for cyber criminals to exploit. To significantly limit the impact of potential attacks, organisations need to focus on network segmentation and strong access controls between both IT and OT (Operational Technology).  By dividing networks into smaller pieces and implementing security measures, such as Privileged Access Management (PAM) and Defence in Depth protocols, it becomes much more difficult for attackers to move laterally across systems and networks. Establishing a cyber security culture Without a culture of security awareness, organisations aren't able to effectively identify and combat the constant threats. This requires a much more holistic approach, going beyond just implementing security technologies and instead establishing a culture of security throughout the entire organisation. Employees who are trained are more likely to report suspicious activity and contain an attack before it turns into a catastrophe.   Because critical infrastructure systems often involve a large number of employees and third-party contractors, it is essential to educate and train everyone on security best practices including the use of Remote Desktop Protocol (RDP) and strong password hygiene such as using a password manager or PAM (Privileged Access Management) solution. Creating a comprehensive incident response plan With the crosshairs consistently on organisations with industrial operations, it's important to think of cyber attacks as a matter of "when" instead of an "if”. This means having a comprehensive incident response plan in place to effectively counter and respond to attacks.  This plan should include steps such as identifying the breach, containing and minimising damage, restoring systems, and learning from the incident to improve future response. Keep our critical infrastructure secure No matter where a cyber security threat comes from, organisations must have a comprehensive strategy in place to protect their infrastructure. Prioritising network segmentation, strong access controls, establishing a culture centered on cyber security, and having a clear incident response strategy can help organisations minimise or avoid altogether these crippling attacks.

NMi Group acquires TrustCB

NMi Group has announced the transformative acquisition of TrustCB in the cyber security domain. This strategic move solidifies NMi Group as the premier provider of certification services for the evolving landscape of digitally integrated and smart devices. A key emphasis of the acquisition is TrustCB’s expertise in translating common criteria standards via SESIP to the Internet of Things (IoT) domain. This strategic move further fortifies NMi Group's dedication to "measure tomorrow" by synergising precision in measurements with increasingly requested robust cyber security standards. In legal metrology and common criteria, coexistence is imperative to guarantee a holistic approach to the functionality, accuracy, and security of devices such as smart meters, smart grids, and other smart industrial devices. Manufacturers and operators navigating these digital landscapes must adhere to both legal and cyber security regulations, ensuring compliance with standards for accuracy and security. Expressing enthusiasm about the strategic move, Yvo Jansen, NMi Group CEO, states, "Acquiring TrustCB fortifies our commitment to excellence in smart industrial devices. By integrating accuracy in measurements with robust cyber security standards, we ensure regulatory compliance and enhance the overall reliability of our solutions." Echoing this sentiment, Wouter Slegers, TrustCB CEO, adds, "Joining forces with NMi Group is a strategic move safeguarding the TrustCB common criteria and dedicated scheme certification business even further. In practical ways, nothing changes; TrustCB stays the trusted, responsive partner as a certification body. This synergy amplifies our commitment to precision and security in smart industrial devices, advancing the global standard for regulatory compliance and elevating the trustworthiness of our certified solutions."

Host-IT keeps the wheels turning at logistics software firm

Host-IT has announced its Birmingham colocation data centre has been selected by Tamworth based, tmWare, for hosting its Disaster Recovery (DR) systems. This follows a review by the warehouse management and transportation logistics solutions specialist of its current and future IT needs. The migration of tmWare’s DR backup systems from its in-house location to a more secure and modern data centre environment was seen as a major priority. Host-IT’s Birmingham-based data centre will now support tmWare’s main IT stack, which has been located at Host-IT’s Milton Keynes colocation facility since 2016.  “Previously we’ve always hosted our DR in-house but based on our positive experience with Host-IT in Milton Keynes, the relocating of our eight DR server systems and back UPS to their Birmingham facility made a potentially hard decision a lot easier,” says Kieron Coughlin, Technical Director, tmWare. “Our DR equipment at Host-IT Birmingham will be connected by a high-speed fibre network to our Tamworth office and their Milton Keynes data centre.”       With thousands of pounds of business at stake with every order fulfilment and delivery, tmWare is mission critical to the performance of its logistics customers. These are reassured by tmWare’s strategic investment in the services of professionally run, highly resilient and secure colocation data centres. “In the seven years since entrusting tmWare to Host-IT, we have enjoyed a highly professional and personalised service as well as an excellent uptime record,” says tmWare’s Managing Director, Lyndsey Phillips. “Their consistently excellent service and ability to support our current and future needs in a timely manner gives us every confidence as we look to expand our customer base. Equally, in ensuring the high levels of trusted IT delivery we provide to our existing valued customers.”          Host-IT’s secure ISO 27001, Tier 3 Birmingham facility is centrally located close to the major fibre networks traversing the UK and various regional fibre providers. There is currently 6MW of IT power available to site with the potential to increase this to 12MW.

Logpoint and SecurValue to secure organisations in Southern Europe

Logpoint has announced a partnership with SecurValue, providing cyber security services to help customers detect and respond to cyber threats. Armed with its SIEM+SOAR solution, SecurValue can offer robust threat detection and response, real-time data analysis, early detection of data breaches, and easy implementation of compliance requirements. “We’re happy to partner with SecurValue to help organisations strengthen security posture and cyber resilience. They share our vision for conducting long-term business in Southern Europe,” says Christian Pijoulat, Regional Director SEMEA at Logpoint. “SecurValue has a tailored approach to their customers, based on skilled cyber security professionals and trusted technologies, and we’re proud that Logpoint’s solution is now a part of that.” The Southern European market is preparing for the local implementations of the Network Information Security (NIS)2 directive from the European Union to increase cyber resilience across the EU. The directive will expand the existing regulations within data and cyber security, introducing stricter requirements for a broad range of sectors. Non-compliance and failure to report incidents will result in significant fines and sanctions. “We’re excited to add Logpoint to our portfolio to offer our customers improved security capabilities, streamlined operations, and enhanced compliance adherence,” says Fabio Cagna Vallino, Cyber Security BU Director at SecurValue. “CEOs across the region are becoming aware that cyber threats are a top concern and that investments in cyber security are essential to minimise cyber risk. Especially small and medium-sized organisations are struggling with the lack of cyber security professionals trained to handle threats effectively, which leaves them at a major risk of exposure.” SecurValue will offer the Logpoint SIEM+SOAR solution, which analyses security incidents and automates the investigation of threats, improving cyber intelligence, reducing cyber security risk, and accelerating threat detection, investigation, and response. SecurVlaue will also use Logpoint Director, a platform that helps MSSPs and MDRs update, manage, and monitor large and multi-tenant deployments.

Aspire expands its footprint with the acquisition of Cloud Cover IT

Aspire Technology Solutions, a cyber security and modern workplace managed service provider, has announced the acquisition of Cloud Cover IT, a managed service provider based in Glasgow. This is an important strategic acquisition for Aspire, aligning with its vision for expansion into new UK regions and expanding its portfolio of cutting-edge technology solutions.  As part of this investment, Cloud Cover IT will become a part of the Aspire group, and its software development and business applications division will be rebranded as 'Flyte.' The company will be well-positioned to make ongoing investments, better serving its growing customer base by extending its business applications offerings. Cloud Cover IT has been delivering IT support and digital transformation solutions for over 11 years. It prides itself on providing excellent service to its customers. As part of the Aspire group, it has access to the full range of Aspire products, solutions and expertise, offering greater benefits to its customers. Chris Fraser, CEO and Founder of Aspire says, “Our acquisition of Cloud Cover IT marks a new and exciting chapter for both companies. This move will strengthen our presence in Scotland, positioning us in a thriving market. The Cloud Cover team will become an integral part of the Aspire group, and together, we believe we can grow significantly in this key strategic market. I'm excited to see the opportunities accelerate as we offer customers, present and future, the innovative solutions that they need in a changing world. Exciting times lie ahead.” Lance Gauld, Founder and MD at Cloud Cover IT, comments on the synergy between the two companies, “Multiple factors drew us to Aspire; they are an outstanding company. The alignment between our organisations and how we complement each other is evident. We share similar values in our approach towards our people, customers, and objectives. This partnership is not merely a merger with a large IT company; it is a collaboration with a leading UK technology provider that understands us. As part of the Aspire group, we can grow our footprint further and broaden our offerings with access to more expertise, resources and an extensive portfolio of solutions to help our customers drive their businesses forward.” With a 17-year legacy in the technology sector, Aspire has experienced significant growth, serving over 1,700 customers and nurturing a dedicated team of around 250 experts. It has a notable footprint across the UK, including offices in Gateshead, London, Leeds and Teesside. Aspire has earned a reputation for delivering leading solutions across cyber security, cloud, managed services, connectivity and unified communications.

Navigating the promise and pitfalls of cyber security automation

By Leon Ward, Vice President of Product Management, ThreatQuotient New 2023 State of Cybersecurity Automation research reveals that while adoption is rising, lingering hurdles undermine its effectiveness. Cyber security automation has steadily gained traction as organisations seek to improve efficiency, address talent gaps, and keep up with escalating threats. However, the latest research shows that while more businesses are utilising automation, they continue to grapple with obstacles that prevent them from fully capitalising on its benefits. In the recent study surveying over 700 cyber security professionals, ThreatQuotient uncovered several persistent pain points in implementing automation. The research found that a lack of trust in automated outcomes, insufficient expertise among users, and poor communication between teams have hampered automation success. As a result, organisations are struggling to build confidence in automation and maximise its effectiveness. Lack of trust undermines confidence in automation The research revealed ubiquitous struggles with implementing cyber security automation, with 100% of respondents reporting problems. The top issues undermining confidence in outcomes were lack of trust (31%), slow user adoption (30%), and bad decisions (29%). However, when we drill down, CISOs differ from other leaders regarding specific challenges. 40% cite 'bad decisions' as a top concern, versus 29% overall. With ultimate cyber risk accountability, CISOs feel the impact of poor automation outcomes. Automated actions like incorrectly blocking legitimate email/domains appear suspicious but negatively impact business. These errors erode user trust that automation improves security and organisations become hesitant to rely on it. For example, an automated system may erroneously block access to a legitimate business domain that some vendors use for email communication. Employees suddenly find themselves unable to communicate with key partners, and business operations grind to a halt. This not only negatively impacts revenue but destroys end user trust in the value and accuracy of automated security systems. Organisations then become extremely hesitant to rely on automation out of fear of these business-disrupting outcomes. Without confidence in reliable automated outcomes, businesses will not entrust critical security processes to them. This 31% reporting lack of trust is a major obstacle preventing full realisation of automation benefits. Overcoming this requires solutions that provide transparency into automated decisions. Skill shortages compound adoption difficulties Insufficient expertise among security team members makes implementing automation effectively challenging. Limited skills lead to misconfigurations, integration issues, and other problems. These glitches reinforce the 31% lack of trust in outcomes. When automation fails unpredictably due to suboptimal implementation, organisations cannot reap its advantages. With the cyber security skills gap still growing, and 25% of CISOs reporting the skills shortage as their biggest challenge, businesses often lack personnel to adeptly deploy and manage automation tools. Additionally, 23% of respondents sought training availability when selecting solutions, key for adoption success, and it is clear that skills development should be a key area of focus for organisations to capitalise on automation potential. CISOs point to organisational issues exacerbating challenges, and 25% cited high team turnover as their number one concern, disrupting expertise continuity and skills to smoothly implement automation. Achieving lasting buy-in requires clear communication The research revealed disconnects between roles on automation perspectives, where 42% of CISOs cited efficiency as the top driver to adopt automation, while for SOC leads and MSSPs, regulatory compliance was prime. These mixed viewpoints signify a lack of alignment on automation goals and direction. CISOs must bridge gaps through improved communication of automation plans and benefits. Setting clear objectives, educating all team members, and demonstrating tangible gains are critical for lasting buy-in. When one specialised team implements automation in a vacuum, broader adoption lags. But inclusive messaging of how automation helps every role work smarter fosters shared buy-in. Continuous engagement with stakeholders is also vital. Leaders must showcase automation enhancing efficiency, compliance, productivity, or other goals important to each executive. With disjointed perspectives on its value and role, automation struggles for foothold. Consistent, compelling communication of advantages enables robust, organisation-wide backing of initiatives. Smarter tools and processes are key to overcoming obstacles The 2023 research makes clear that implementing cyber security automation still faces hurdles, with 100% of respondents reporting issues. However, smarter tools and workflows can help organisations overcome these challenges to realise automation's potential. One key need is for automation tools that provide transparency and guardrails, fostering user trust. Intuitive interfaces also enable easier adoption by users at all skill levels, mitigating the skills shortage cited by 23% as a top challenge. Standardising processes around automation provides consistency needed to maximise benefits. Workflows like automated triage avoid the ad hoc approaches causing fragmented gains. Integrations between tools create seamless data flows and unified workflows rather than disjointed toolsets. Report says 24% want integration with multiple data sources when selecting automation solutions. Implementing automation without addressing trust, usability, training, integration, and standardised processes invites disappointment. The research makes clear these smarter tools and workflows offer a path to overcoming obstacles and automation success. Automation challenges can be overcome This exploration of the current cyber security automation landscape reveals persistent challenges that hamper organisations from realising its full advantages. Core problem areas include deficient trust in outcomes, skill shortages among staff, and internal disconnects about automation's role and value. By taking concerted action to increase confidence via transparency, boost team expertise through training, and align understanding of automation's benefits via consistent leadership messaging, CISOs can overcome these hurdles. With thoughtful adoption strategies, secure design principles, and inclusive change management, organisations can tap into automation's immense power to enhance security in the face of growing threats. Through a combination of smarter tools, educated users, and clear communication, cyber security teams can achieve new heights of efficiency and effectiveness through automation. However, achieving automation's full potential is not a one-and-done effort. It requires an ongoing commitment to iteration and optimisation as technologies, threats, and business needs evolve. Regular evaluation of processes and tuning of systems helps sustain peak performance over time. Leaders must also continually assess the human side of the equation. Check-ins with staff at all levels provide valuable insights to shape training programmes, change management tactics, and internal messaging in a way that maintains strong buy-in across the organisation. With personnel empowered and aligned around shared automation goals, organisations can nimbly adapt their approaches to maximise value.

Implementing an effective cyber security strategy in data centres

A robust, scalable and efficient cyber security solution is of critical importance to Colt Data Centre Services (Colt DCS). When looking for a partner to bolster its threat detection and response capabilities, Colt DCS turned to Armor to provide a uniform cyber security platform across all its multinational sites, implementing Armor’s XDR + SOC solution, as well as its VAPT programme to continually identify potential flaws. Background Operating 16 data centres in seven cities across Europe and Asia Pacific, Colt DCS has been designing, building and operating hyperscale and large enterprise data centres for more than 25 years. Like all hyperscale data centre solution providers, Colt DCS’ business model is dependent on customer confidence and being able to convince potential customers that their confidential data, and the data of their own customers, is in the safest of hands. The vast amounts of sensitive and valuable information stored, processed and transmitted by Colt DCS for some of the world’s largest organisations make it a potentially attractive target for cyber attacks. Therefore, effecting a robust and highly assured cyber security platform is essential to its operations and ongoing success. Challenge As part of its commitment to delivering a sustainable hyperscale future for its clients, Colt DCS undertook a thorough evaluation of its cyber security posture. The business found itself reliant on a multitude of disparate solutions, making threat monitoring and response less efficient. This fragmentation also meant that its IT teams did not have a single view of the threat landscape and associated vulnerabilities, instead having to sift through data from various vendors, which reduced response efficiency. Guy Gibson, IT Infrastructure Manager at Colt DCS, says, “What we realised is that we were often ‘reactive’ to threats. We had access to a huge amount of data, but no single view. It felt disjointed and that our current approach lacked structure and control.” Greater vulnerability assessment and penetration testing (VAPT) was also an area it identified for improvement, requiring continuous monitoring and testing of the environment in order to expose potential faults and security weaknesses. Guy Gibson explains, “At the heart of what we were trying to achieve was more efficient threat detection and response, seeking a single source of truth solution that would provide us with greater global threat intelligence, control, testing and guidance, whilst also facilitating large scale growth when required. “We needed to work with someone who really understood the threat detection landscape and who could provide a solution that offered zero downtime to facilitate business continuity. The solution would also have to be compliant to data storage regulations across every country we are located in, and crucially, allow us to retain ownership and control of all data. In essence we needed security delivered in an unobtrusive way.” The cyber security team at Colt DCS was also looking for the reassurance of 24/7, 365 days a year platform security, as well as a trusted supplier and subject matter expert who could provide guidance, training and knowledge to its teams, helping them to grow. “We wanted to learn and improve, so trust, communication and seamless integration between the new provider and our Incident Management Team (IMT) was also a must,” Guy continues, “focusing on detecting and resolving Priority 2 (P2) incidents or higher with a well-defined process for incident resolution.” The solution With all challenges and concerns identified, Colt DCS initiated a search for a cyber security partner who could provide an effective solution across its multinational sites. Armor immediately impressed with its delivery capabilities, technical expertise and the comprehensive solution it proposed to simplify the detection and remediation of cyber security-based threats. Guy explains, “We were highly impressed with the solution proposed by Armor. Other vendors/platforms were considered, but Armor came out top in terms of the technical solution, delivery and the flexible capabilities it offered.” Armor project managed the implementation of Microsoft Sentinel, Azure’s cloud-native security information and event management (SIEM) system, as part of its Extended Threat Detection and Response (XDR) function to correlate logs and telemetry data from all sources, providing a complete view for threat identification. A 24/7 Security Operation Centre (SOC) added an additional layer of cyber security expertise to Colt DCS’ defence, enabling swift threat response and guiding remediation efforts effectively.  As part of the XDR+SOC deployment, Armor configured each of the following custom and native log sources: Azure AD: Provides insights into audit and sign-in logs Azure Activity: Provides an overview of subscription level events Azure WAF: Provides Web Application Firewall logs Azure Firewall: Provides network security and application rule logs Azure SQL Database: Provides audit and diagnostic logs Azure Storage Account: Provides audited and diagnostic logs Microsoft 365 Defender: Monitors and logs logons, file, process and registry events Microsoft Defender for Endpoint: Provides security alerts on network endpoints such as laptops, tablets, routers etc. Additionally included in the solution were Armor’s advanced: Analytics Rule Library – including correlation alerting and threat-hunting rules Security dashboards and widgets Configuration of Open Source and Commercial Threat Intelligence Feeds An ongoing VAPT programme was also deployed to identify any potential security flaws and enhance its DPS’ overall security position. As a second stage to this project, Colt DCS is now ingesting a new telemetry as part of its XDR solution – Microsoft’s Defender for IOT.  This will enhance its security further by protecting and monitoring internet-connected devices and endpoints within the data centre infrastructure to prevent cyber threats and vulnerabilities. Guy explains, “The implementation of the solutions was well-managed and required minimal input from our internal teams. Not only was it straightforward, but the benefits were felt almost instantly. The solution from Armor has allowed us to have a better oversight of our global operations and assess the cyber landscape more efficiently. “I haven’t received a single complaint from my team. Everyone sees Armor as a force for good. Armor’s solution has allowed us to shift our mindset internally, we are more proactive and focused. We can spend more time on access control rather than trying to process and understand vast quantities of data, which had become the norm. “There have been numerous threats and vulnerabilities picked up since the implementation of Armor’s system. Issues that I think could have posed a real risk had our teams not been able to detect and remediate them. One example was the detection of a compromised email account which had the potential to be used for malicious means if not resolved swiftly. With this new solution we were able to be informed accordingly and take immediate remediation steps.” Shortly after the implementation of the Armor solution, Colt DCS expanded capacity across ten of its sites. Guy adds, “Having implemented the XDR solution ahead of this expansion undeniably meant that this process was much swifter. It was far less concerning to all involved than it would’ve been using our previous approach. “Overall, the entire solution has helped us to achieve every single objective we set out to achieve on this journey, making the assessment of the cyber landscape a lot simpler for our team, threat detection and response quicker and more efficient, whilst continually facilitating our expansion.” The wins Unified cyber security provision Greater threat visibility Minimised false positives and reduced alert fatigue Simplified and faster incident response Reduction in people hours to detect and manage threats Elimination of threats before they cause damage Improved global oversight across Colt DCS’ locations Implemented with zero downtime and full business continuity experienced Enhanced access control Compliant with data storage regulations across every location Retained ownership and control of all data Accessible guidance, training and knowledge support

Research reveals that 95% of security leaders are calling for AI cyber regulations

Research from RiverSafe has revealed that 95% of businesses are urgently advocating for AI cyber regulations, ahead of November’s AI Safety Summit. The report, titled 'AI Unleashed: Navigating Cyber Risks Report', conducted by Censuswide, revealed the attitudes of 250 cyber security leaders towards the impact of AI on cyber security. Three in four businesses (76% of surveyed businesses) revealed that the implementation of AI within their operations has been halted due to the substantial cyber risks associated with this technology. Security concerns have also prompted 22% of organisations to prohibit their staff from using AI chatbots, highlighting the deep-rooted apprehension regarding AI's potential vulnerabilities. To manage risks, two-thirds (64%) of respondents have increased their cyber budgets this year, demonstrating a commitment to bolstering their cyber security defences. Suid Adeyanju, CEO at RiverSafe, says, "While AI has many benefits for businesses, it is clear that cyber security leaders are facing the brunt of the risks. AI-enabled attacks can increase the complexity of security breaches, exposing organisations to data incidents, and we still have not explored the full extent of the risks that AI can pose. Rushing into AI adoption without first prioritising security is a perilous path, so striking a delicate balance between technological advancement and robust cyber security is paramount." Two thirds of businesses (63%) expect a rise in data loss incidents, while one in five (18%) respondents admitted that their businesses had suffered a serious cyber breach this year, emphasising the urgency of robust cyber security measures. A link to the full report can be found here.