JUMPSEC COVID-19 SUPPORT HUB Helping to keep our customers and employees safe during these challenging times.

Keeping our customers safe

What support is available for your business?

Keeping our Employees safe

JUMPSEC has responded to Covid-19 by adapting our operations to ensure continuity for our customers while keeping our staff safe

Keeping you informed

Keeping you informed

Insight to help you manage and mitigate risk during the Covid-19 crisis.

IF YOU SUSPECT A BREACH

If you suspect a breach or have been hacked as a result of suspicious activity relating to Covid-19 please call our Cyber Incident Response Team on 0333 258 2113 or email [email protected]

You can also arrange a CALLBACK

KEEPING OUR CUSTOMERS SAFE

Keeping customers safe Icon 250 x 250 pixels

WHAT SUPPORT IS AVAILABLE FOR YOUR BUSINESS?

Our priority is to help our customers and colleagues to stay safe and secure during these challenging times.

To prevent any interruption to service we have implemented our business continuity plan and put in place the technology and processes for our existing services to continue while our security experts work safely from home.

We have seen a sharp increase in cyber threat activity since the beginning of the Covid-19 outbreak and in particular since the UK has entered lockdown.

All of JUMPSEC’s services remain available to customers and if you wish to review or bolster your current security posture then our expert team is on hand to discuss your needs.

EMERGENCY VULNERABILITY SCAN AND REPORT

JUMPSEC are offering our customers an Emergency Vulnerability Scan to help identify any vulnerabilities that may have arisen in these challenging times. The Vulnerability Scan is performed by our industry leading vulnerability scanning software and is analysed by our in-house expert Cyber Security Team. We will provide you with a vulnerability report and will discuss with you how you might remediate these vulnerabilities. If you are a new customer and would like to discuss the the opportunity for an Emergency Vulnerability Scan and our Managed Vulnerability Scanning service please do get in touch on 0333 939 8080 or email [email protected]

JUMPSEC’s Vulnerability Scanning is CREST accredited.

EMERGENCY PENETRATION TESTING

If you have not had a recent penetration test or are concerned that you may be under greater threat during the Covid-19 pandemic please get in touch as we are performing a variety of Penetration Tests for our customers, from external penetration tests, to internal penetration tests and remote working penetration tests. Please get in touch on 0333 939 8080 or email [email protected] to discuss your Penetration Testing needs.

EMERGENCY PHISHING ASSESSMENTS

Phishing attacks have seen a 600% rise since February 2020. To combat this surge in cyber threat we are offering customers an Emergency Phishing Assessment service to help test your organisations susceptibility to Phishing Attacks and help create awareness of how to avoid them within your organisation, particularly when many oganisations have necessitated the move of their workforce to working from home. Please get call on 0333 939 8080 to speak to one of our security consultants to discuss your Phishing Assessment needs or email [email protected]

KEEPING OUR EMPLOYEES SAFE

JUMPSEC HAS RESPONDED TO COVID-19 BY ADAPTING OUR OPERATIONS TO ENSURE CONTINUITY FOR OUR CUSTOMERS WHILE KEEPING OUR STAFF SAFE

Our priority is to help our customers and colleagues to stay safe and secure during these challenging times.

JUMPSEC is fully established to run remotely. The majority of the services we conduct for our clients are performed remotely over the internet from our Security Operation Centre in Acton. To prevent any interruption to service we have implemented our business continuity plan and put in place the technology and processes for these services to continue while our security experts work safely from home.

Keeping employees safe Icon 250 x 250 pixels

This means that both our technical teams and client facing teams can operate remotely without any adverse impact on service levels. Existing customers should contact their account managers as normal if they require support of any kind.

We have also established regular video based team meetings to maintain clear communication between our colleagues while we all adjust to operating under these new conditions. This means our staff remain safe while staying up to date with the business.

In some instances we are continuing to provide our onsite internal penetration testing services and our security experts have been briefed appropriately to ensure social distancing measures are adhered to when attending customer premises.

If you have any cyber concerns for your business, no matter how big or small, please do get in contact. JUMPSEC is here to help you.

KEEPING YOU INFORMED

INSIGHT TO HELP YOU MANAGE AND MITIGATE RISK DURING THE CORONAVIRUS CRISIS

We have seen a sharp increase in cyber threat activity since the beginning of the Covid-19 outbreak and in particular since the UK has entered lockdown.

With many organisations moving their staff to working new modes of home working, new levels of security required and new are challenges faced. Regardless as to whether working from home is a new or an existing working practice, all organsiations face increased risk of cyber threat at this time.

JUMPSEC has put together this Covid-19 support hub to help any organisation with cyber security concerns relating to the Covid-19 pandemic. We will publish articles as security issues arise and we will share our thoughts on how organisations can look to provide themselves with additional security from cyber threat.

If you have any security concerns or wish to discuss cyber security for new working practices please do get in touch.

Our cyber security experts can be reached on 0333 939 8080 or email [email protected]

WORKING FROM HOME – HOW TO STAY SAFE FROM CYBER THREAT

The constraints in place to combat the Covid-19 pandemic have meant that many organisations have moved much of the workforce to working from home.

For some organisations this new paradigm presents challenges, however regardless as to whether working from home is a new or is an existing working practice all organsiations face increased risk of cyber threat.

JUMPSEC have put together this short checklist to help organisations set up users to work from home, and what to look out for with regards to phishing and other attacks that adversaries might use to make the most of during the pandemic.

Remain vigilant

Ensure your users remain vigilant and are aware that threat actors with malicious intent will seek to use the current crisis to deploy active phishing campaigns to gain access to an organisation’s internal network and the data that resides there.

Several types of phishing attempts could be deployed:

  • Phishing for users’ credentials by deploying a domain similar to the target organisations.
  • With the government sending out UK wide text messages, this opens up another avenue for attack – threat actors will look to send emails and SMS impersonating the government, and try to get the user to fall victim to the rogue messages by following links and or downloading and viewing attachments.

Securing work-based permissions

Ensure that the role based, and work-based permissions are not lax due to working from home. With the relative speed in which the lockdown was implemented the influx of workers from home has increased exponentially.

Don’t just give access to that file share”, or “just allow remote access to a machine inside the domain”, for ease of use to ensure the same business functionality as what was present when the staff were in the office rather than at home.

Permissions and restrictions should remain as tight as possible, employing the least privileged principle to the workplace environment, and ensuring users have the least amount of privileges to do what tasks users are required to perform.

Enforcing incident reporting

It is important for organisations to enforce a security policy for staff that are working from home for the foreseeable future and communicate the process to them.

Ensure staff know the exact procedure for reporting security related issues and ensure all incidents are reported and logged for further investigation. Dependant on what type issue has been identified and logged it can be remediated, this requires staff to know and understand how to report a security incident too, or how they would go about reporting it the ISO or information security body within the organisation.

2FA/MFA

The implementation of 2 factor or multi factor authentication is not a new aspect of business and workplace security culture, however now, it is more important than ever.

Employing multi factor authentication to business-critical assets should now be the norm when deploying new infrastructure and business dependant applications.

With the flux of employees working from home, enforce the 2FA multi factor authentication on business critical applications, as an attacker would therefore not be able to breach a web application using just a user’s credentials, it would take a more sophisticated attack to compromise their phone and or authentication device.

These are challenging times. Our technical teams are here to support and help you. If you have questions or would like to chat through any problem we are here to help and guide you through any cyber security challenge.

REMOTE WORKING – MANAGED ENDPOINT DETECTION AND RESPONSE

JUMPSEC are concentrating on helping and supporting our customers with solutions relevant for the current situation, making them safe resilient and adapting rapidly to new ways of working.

JUMPSEC’s Managed Endpoint Point Detection and Response service is for businesses who require safe remote working. The service is operated by our expert security team using JUMPSEC proprietary tools to support organisations, maintain visibility over their IT estate and keep track of malicious activity on employee computers.

From threat identification to investigation and remediation, the fully managed solution allows our expert team to remotely manage any incidents targeting individual machines that are now being used away from the office in a home or a less secured environment.

To help businesses get this protection into place quickly, we’ve made the enablement process as simple as possible, with no minimum contract and can implement this solution across an organisation quickly and remotely.

If you have questions or would like to discuss how Managed Endpoint Detection and Response can help your organisation please get in touch.

HOW TO IDENTIFY PHISHING SCAMS

Cyber criminals have been focusing all their efforts on scams that capitalise on the panic of COVID-19. The biggest risk is from Phishing scams, malicious messages that appear from a trusted source, with attacks up more than 600% since February 2020.

Phishing attacks come in many forms, but all have the same purpose: to trick the recipient into handing over their personal details or to infect their systems with malware.

JUMPSEC recently published an article on How to recognise and avoid Phishing scamsLEARN MORE