Taking a fortress approach to cybersecurity to foil attacks

Despite its importance, it’s easy for companies to neglect cybersecurity. Sometimes, this is due to companies not analysing why they’re using certain tools to protect themselves or underestimating how effective the tools they have are.

However, if they’re attacked, they can be set for a rude awakening. With DORA (Digital Operational Resilience Act) coming into effect in January 2025, their policies and procedures will be under added scrutiny when they’re hit.

Cloud Shield 365 is Nostra’s latest offering. It is an all-in-one security solution that provides a comprehensive solution to prevent major attacks and ensure rapid recovery should they occur.

Senan Finucane, chief technology officer and co-founder of Nostra, described it as part of Nostra’s dedication to “eradicating the threat of ransomware for our clients”.

The eye-catching feature is that it offers ten layers of protection to ensure robust protection against ransomware and other threats, ensuring peace of mind for businesses.

Finucane said the idea for Cloud Shield 365 came when they spotted a gap in the market. With a large number of companies using Microsoft 365, it’s important to use it to its fullest capabilities.

“The majority of Irish SMEs and mid-market organisations are standardised on the Microsoft platforms,” he explained. “If you have a finite budget to spend, you need to pick the best-of-breed product that offers the best feature set, at the best price point.”

One of Cloud Shield 365’s big features is ten layers of security features, which go a long way toward neutralising the threat of ransomware and other attacks.

Using the castle analogy, Finucane describes the layers as methods of protection like towers, drawbridges, moats, and more, all keeping its inhabitants safe. On their own, they can only do so much, but when combined, they create a strong fortress.

“It’s a multilayered approach to cybersecurity,” he explains.“It bakes ten layers into Microsoft 365 so that there’s a lot to get through before you get to the goodies, which are your devices, data and your users.”

“[Bad actors will] leave you alone if you have ten different layers and will try find a softer target.”

As Finucane mentions, Nostra is a big advocate of companies utilising business premium for Microsoft 365, usually finding that companies end up with a mixture of features from the basic and standard packages.

“When you subscribe to seven or eight different security tools, they’re all disaggregated,” he said.“They don’t talk to each other, so when you make cybersecurity complicated, it falls.”

This is important because of the regulations on the horizon, such as DORA, which requires organisations to operate with high-security standards and disclose breaches when they occur.

If you have a finite budget to spend, you need to pick the best-of-breed product that offers the best feature set at the best price point

The same is true for Microsoft Secure Score, which Finucane describes as a badge of honour, showing how secure you are within the Microsoft 365 ecosystem. Many companies will just go for the standard features, not realising that they’re only fulfilling a portion of their potential.

“Out of the box, you typically have a score of 20 to 30 per cent, which is wholly inadequate, and they don’t realise that,” he said.“It’s a shame to see, as they don’t realise they’re not utilising all the security that Microsoft gives you.

“There’ s a lot of configuration that needs to happen in the background first, and if it’s done correctly, we can crank up your 365 scores to what we believe is the correct level, which is 75 per cent.

“We maintain it monthly going forward and report on it,” he said.

The beauty about the score is that you cannot argue with it, as it’s a strong indicator of your current security setup. If you’re attacked and suffer losses, you can show you had the measures in place when audited, as failure to live up to your duty can have a more negative effect than any attack.

While the processes and technology are important, you can’t neglect the people either. Their knowledge of good and bad security practices is crucial, and you can’t skimp on that investment either. If anything, it puts a greater focus on investing wisely.

“They need to know what good cyber hygiene looks like, as they will believe the software will work 100 per cent of the time, but we know that’s not true.”

Finucane says Cloud Shield 365 is a unique product in the Irish and European markets. The robustness of the protection it offers makes it a tantalising prospect for any company that wants true protection.

“There’s nothing like this in the market in Ireland or Europe. Some things have two layers, but none have a ten-layered approach to cybersecurity, so that’s where we believe we’re the market leader.”