Latest News and Opinions

 

What does the threat landscape mean to you? What are your biggest threats? Where are you putting your energy and resources?

What if I said that you're very likely worrying about the wrong thing, and that it's the small thing you're not worrying about which presents the biggest challenge? 

The most pressing threat to your environment, the reputation of your brand, the ability of your users to do their jobs, and the existence of your enterprise likely isn't "the big one" you can see, which you put a lot of time and resource into remediating and guarding against.  

So what is it? It's the one that you don't even know is there!

Here's the thing about threats - it could be quite small, a relative backwater in your environment, but when it unfolds it will still be devastating. 

In fact, I suspect this is what happened to BA with their recent loss of 340,000 customer credit card details: the BA team have relatively good resource, they have the support of major solution providers and blue-chip consultants. Their team is relatively large. So, lots of people, lots of systems, lots of resources doing lots of "stuff", but in fact, no-one doing "that" -  the one thing that would have prevented the loss of reputation and colossal PR disaster that has been September 2018. 

The threat was quite a small one, but no less potent for that and it ably demonstrates that overlooking "the small stuff" can negate all the of the other "good stuff" that's already been done. 

 

How does this happen and why?

 

Most SIEM solutions are adept at giving a single pane of glass view, but they priorities the biggest threats, the most obvious, which is fine for validations but it doesn't add much apart from a warm fuzzy feeling of complacency. 

We all know what the biggest threats are (or can make a pretty good guess!), some have an entire teams dedicated to mitigation, management and thoughtful future planning, so what's the point of a system which just shows what we know? 

True visibility is smarter than this. It shows the obvious stuff of course, but these "headline grabbers" can be quickly dismissed once they are understood and in-hand.  Instead, we need to look further down the list of potential threats to the ones which are smaller but likely unmanaged and therefore more likely to catch you out.  A good visibility product can do this easily, using algorithms and learned behaviour to not only model the landscape but to intelligently use the data gathered to map against "real world" factors, giving a more nuanced picture. 

That nuance is where the true value lies - the overlooked vulnerability, the "chink" in the otherwise very competent armour. It's in these chinks that that the battle is won and lost. 

 

 

 

 

Check Point Subscriptions - Launching Now!

The Best Security is now available to all.  It's been a long time in the making, but finally we are ready to announce that we are now able to offer Check Point Security Suite appliances, Harmony User Security and CloudGuard on monthly subscription. It's a service which has been missing for a long time and it's great to move things forward.  Monthly...

Lithify Achieves Check Point CCSP Status

Lithify's partnership with Check Point goes from strength to strength. Alongside our well-documented specialisms in CloudGuard, Harmony, SMB and our recent status as MSP, we've now added CCSP to our list of accomplishments. This change rewards a huge amount of hard work from our Technical team working with our Check Point colleagues and underpins our...

You Deserve the Best Security - We Love the New Strapline

  You don't have to have known the Lithify team for very long to understand what total fans we are of the Check Point brand - we feel passionately that our customers need the best protection we can give them, and for us, that's often Check Point.  You can therefore imagine how thrilled we are with the rebrand and particularly, the new strapline "You...

SUMMER SPIN 2021

ITS BACK!  In 2019 Lithify was proud to sponsor Summer Spin. A 60 (odd) mile jaunt around the spectacular Cotswold countryside raising money for charity with 30 like minded people, roof's down, braving the British weather! Obviously we couldn't do it again in 2020 but that just mean's that we are raring to go this year! New start and finish points, a new...

HARMONY BY CHECK POINT - SECURELY CONNECT TO EVERYTHING WEBINAR - 18/3/21

Wish you could get rid of clunky VPNs and multiple connection methods for users. In this webinar, Gethin Jones, Harmony Architect at Check Point UK joins us to discuss why Check Point Harmony is a giant leap forward in capabilities for user connections. {youtube}Sru0LPW7VEg{/youtube}

Lithify Joins the Good Business Charter

  The Lithify team is pleased to announce that we are now an accredited member of the Good Business Charter.  The charter seeks to to encourage responsible business behaviour and to publicly acknowledge those organisations who exhibit such behaviour. The aim is to inspire as many organisations as possible to change their behaviour, where required, in...

USER-CENTRIC SECURITY WEBINAR WITH CHECK POINT - 11/11/20

How do organisations put users at the centre of security posture? How do you ensure complete security whilst most are working from home? If users are your organisation's greatest asset, how do we keep them safe? We discuss all this and more in this webinar. {youtube}SoXWmYvV8S8{/youtube}

Help Us with Research

  We're working with Cambridge University on a study into the standards required by Essential Infrastructure organisations.  Henri van Soest is a PhD researcher in Land Economy at the University of Cambridge. His thesis deals with cybersecurity issues in the electricity system. A combination of decarbonisation, distributed generation, and digitalization...

Findings from A Customer Installation of Check Point Email Protection

A successful phishing attack had obtained the password of the head of purchasing department.   This happened while we only had O365 and Microsoft security.   This was the office 365 Password so they had access to his email in the cloud.   We implemented Check Point email protection after the bad guys getting that password but just before they were to...

BE PHISH FREE - E MAIL SECURITY WEBINAR WITH CHECK POINT - 23/9/2020

Phishing has exploded during Lockdown, in this webinar we explore strategies to protect enterprise from phishing attacks and account takeovers. The Lithify team are joined by our colleagues from Check Point and customers across the UK and EMEA.   {youtube}LWsM2kUBqss{/youtube}

SandBlast Mobile - A Customer Perspective

If you're considering Check Point's SandBlast Mobile, you might be interested to read the following review just in from one of our customers, who recently deployed the product.   We  recently implemented Check Point SandBlast mobile on *all* mobile (phone) devices both ‘Droid and Apple during lockdown, following a security breach. There were quite a few...

Purple Team Podcast

Lithify CEO Liz Deakin was recently invited onto the popular podcast "The Purple Team Podcast". Liz sat down with podcast host Eliza-May Austin to discuss the complexities of the OT ICS/SCADA environments. The podcast can be found...

Introducing Check Point Mentor

Over the years, we've watched many clients become disillusioned by the support provided by their vendors and partners.  In many cases, the framework offered by vendors simply fails to meet the requirements for the client. When it comes to telephone support, the "gap" between what the customer thinks that they have purchased, and what was actually...

Welcome to the Revolution

Business traditionally put data at the center of the network, machines and premises second and users last on the list of network priorities. Lockdown has changed all that. Business has realised that employees are what makes a successful enterprise, and that home-working is truly viable. It's up to network managers and us as IT security specialists to help...

Installing SandBlast Mobile

Think installing endpoint is hard work? In this video, Gareth shows us how easy it can be   {youtube}v=fiHcOP9R37E&{/youtube}

The Perimeter is Gone: Long Live Work Anywhere

  What strange times we live in, and what changes we’ve seen in just a short couple of weeks. What’s clear is that there have been major changes In all areas of life, and that’s affected corporate business as much as anywhere else but apart from the many negatives, there are some great positives.     Change, however uncomfortable, brings development...

Free Endpoint Tools for Remote Working

  Check Point is offering free 60-day licences to enable your team to work from home during these trying times.  Use these tools to enable secure access for employees working from home or via mobile devices.  Installation can be carried out from a remote location by Lithify's team of experts, in short timescales.  This is an unprecedented offer by...

Key Steps to Cloud Migration

Moving data and services to the cloud is the hot topic on everyone's lips at the moment, but as with all IT projects, there's no magic bullet. Done correctly, it takes more than a moment no matter what the various cloud providers would have us believe.  Careful planning and a good understanding of the needs of the environment are both key to a successful...

Key Steps to IT/OT Network Convergence

It seems inevitable that IT & OT convergence will be addressed by many operators in the near to mid term. It's certainly a desirable outcome and offers economies of scale and practical benefits for most networks, but there are hurdles to overcome and special considerations to be made.  The need for coherent policy across all parts of the enterprise,...

Making Skype Work Properly with https Inspection

  Tech Chat: This blog comes from our very own John Fenoughty and was originally posted on CheckMates. In this detailed report, John discussed the issues and outlines fixes for the problem.  The piece started life as a discussion of https inspection in general, and in particular about the probe bypass feature, with Skype being an example (along with...

Emmet Cleere Check Point Demonstration

  Think you are safe just surfing? In this video Emmet Cleere from Check Point shows us how easy is can be for Malware to infect your computer then demonstrates how Check Point protects you   {youtube}TJiPbhkF3tM{/youtube}

Easy Transition From N3 to HSCN

  Hard cut over is never fun and is highly dependent on all elements coming together seamlessly for everything to go to plan. It introduces considerable risk in any scenario. Where the change from N3 to HSCN is concerned, firewall changes are needed and these need to happen immediately that the switch from old to new is made. BT are commonly slipping...

Vendor Flip Flopping Serves No-One But Unscrupulous Resellers

  If your organisation has changed vendors more than twice in the last 8 years, it might be time to re-think your approach.  We all know large enterprises which seem to have run the gamut of every security and networking vendor, changing their estate every three years as one deal comes to an end and another one starts. Until recently I presumed that...

Security Still Centred on Perimeter Firewalls? Let's Think Bigger!

Still hanging your security on perimeter firewalls? Its time to broaden your scope Who reading this thinks that perimeter firewalls are the main game in security? Many people still do. We've based security on perimeter firewalls for so long that they're just the accepted way of doing things. Firewall are the mainstay - everyone knows that,...

Account Takeover - Why Now?

One of the oldest breaches in the book is back and the consequences (which have always been bad) are now worse than ever. Account takeover has existed for a long time. It used to rely on poor password policies and exploited those users who used the same username and password combination for everything. Stolen email addresses and passwords (normally...

Thinking Of Downsizing Your Firewalls?

I'm constantly talking to both existing & prospective clients and a new phenomenon is catching my eye. Downsizing, simplification and cost cutting are becoming a trend. I can see why. Firewalls are being commoditised and finance teams are simply asking "what am I getting for my investment?" It's a sensible question brought about for sound commercial...

SaaS Application Security - The Missing Puzzle Piece

  These days we're all using "served" applications (SaaS) - Asana, 0365, Google G Suite, Salesforce, SageOne, Slack, Dropbox - there are many. I can't think of a single enterprise in our current customer base who doesn't have at least one.   This change has happened gradually over the last 5-10 years. We've adopted these technologies because they...

Zero Day Video

The concept of Zero Day can be quite tricky to understand so we've made this awesome video to make it a little bit clearer!     {youtube}b5-50df7Whk{/youtube}

Mobile - The Overlooked Entry Point

Hands up who enables uses to access their corporate email on their mobiles? What about other systems? CRM? Accounts? HR? What about document shares such as One Drive or Dropbox? Pretty well every organisation allows at least one of these, many allow far more.  Whether corporate or employee owned (known by the term BYOD - bring your own device),...

What is Zero Day

The concept of zero day has been around for some considerable time, but its only just starting to gain traction, so what is it, why now, and why should you consider it for your network.  What is Zero Day? A zero-day (also known as 0-day) vulnerability is a computer-software vulnerability that is unknown to those who would be interested in mitigating the...

Why Wait?

What's your next layer of protection before your firewall? How can we help you stop threats before they even reach your gateways? Clearly, the safest threat is one which is neutralised before it even reaches you, and therefore products which help you acheive this are inherently desirable.  Rather than stopping threats on your own gateway, a product which...

Check Point SandBlast Now

  Check Point's SandBlast protection is now available to protect any environment, regardless of current firewall provider, as an appliance which sits alongside your current firewall solution.  This enables organisations with an existing non-Check Point firewall estate to quickly augment their environment with these zero-day controls.  SandBlast Zero-Day...

Think Twice Before Switching to an Inferior Product Set

  If you're considering your options on IT security, it can be tempting to think that something new will be cheaper to run than your current product, will be easier to maintain and may offer a more stable platform. I'm here to tell you that more often than not, that isn't true.  I can understand if you're switching from a solution that is greater than 5...

Joined Up Threats Need a Joined Up Solution

We're entering Gen 5 of security threats. Every vendor and analyst will tell you that threats are sophisticated in a way we've never seen before.  There's much in the press about it:   breaches now hit far and wide, targeting multiple systems at once (or over a sustained campaign). Gone are the days of one-off incidents which can be easily deflected by a...

Think 5 - 7 years out

  We've been providing expert professional services as a team now for many years and in that time, the complexity of the solutions we're providing have moved on considerably. Our most complex install 5 years ago would be pretty standard today - even smaller enterprises today have more sophisticated set-ups than the largest organisations back...

Fantastic Posters!

  The say a picture paints a thousand words. We love these fantastic posters by LogRhythm. Whether you're a current LogRhythm client or not, these fun messages are great for instilling good practice across your workforce. The posters all have snappy analogies and easy ways to remember to change your password often, be aware of phishing, and prevent cyber...

Can you trust Security Comparisons?

  There was a heated debate on LinkedIn last week regarding the usefulness of Gartner and whether an organisation should be using their findings as the basis of their IT decisions.  The crux of the question came from concerns about how Gartner and others (such as Forrester) are funded, how they obtain their ratings and the role that sponsorship plays in...

Doing More with Less

  How to avoid overload and get the most from your time and resources.    More frequently, I'm coming across security teams and IT Directors who are having their operating budgets for IT security cut at a time when they should really be expanding.    The scale of the task in security grows larger by the day, and the complexity that we see as standard...

Hidden Pain Points are Where the Real Danger Lies

  What does the threat landscape mean to you? What are your biggest threats? Where are you putting your energy and resources? What if I said that you're very likely worrying about the wrong thing, and that it's the small thing you're not worrying about which presents the biggest challenge?  The most pressing threat to your environment, the reputation of...

Visibility is Everything

  Ever tried to make a decision with only half the facts? It's a hiding to nothing - how can one possibly expect to make the right devision with only part of the picture? An "informed decision" is impossible. Why then do we expect our networking and security teams to routinely do just this - make their decisions without all of the data, sometimes with...

Risk - It's a Fact of Life

  We live in a world of threats. They're a fact of life, just like common cold or uneven paving slabs. We all deal with threats every day, from the moment we wake up to the moment we go to sleep, and don't fall out of bed and hurt yourself, because that's a threat too.  OK, these examples are silly, but it's true - we're surrounded by risk. For the most...

Full Disclosure - The impact of GDPR

  Here comes GDPR and with it, the first wave of major disclosures by UK organisations admitting that breaches have occurred.  Why now? Why so many? Why on such a massive scale. There's a few answers to all of this:     Why Now? GDPR regulations came into force in May and this means that companies are bound to publish details of any breach within 72...

Snooze You Lose

  We've had a flurry of major disclosures in recent weeks - large enterprise (many of them those long revered institutions who were considered unassailable/efficient/trustworthy). If there's one positive we should take from all this it's that no-one is immune to data breach, and that it truly, does happen to us all.      Here's a few recent notable...

Mind the Gap! Why Point Solutions are Pointless

We've all been there - wanting to solve a specific problem without the disruption that's caused by making wholesale changes, or taking on additional network elements (e.g. by acquisition) that come with their own set of tools. We've all been seduced by the claims of a niche provider who has a great product for a particular network need which could take...

Banking Update

TSB have just published their year end results and have stated that the banking problems from earlier in the year have cost at least £176m with more impact still to follow, they've also intimated that this would have been enough to take the business down, were it not for investment from their parent banking group, Sabadell. They also reported a loss of...

Buckle Up! The ride is wild, but so are the rewards

Get ready to blow your mind!! Cloud Security Turns Everything on its Head   There are many reasons for organisations to consider adopting cloud infrastructure including improved availability, flexibility and scalability being just a few. There are many blogs and other resources on the benefits of having a flexible infrastructure and I bet having your...

"Difficult": Where the Best Experiences are Found

Many service providers shy away from the most difficult stuff, but we know that complexity brings the biggest challenges but also the biggest rewards. It's the difference between "that'll do" and "this is a game changer".  Security has for too long been put in the category of "necessary evil" and this is terrible. It takes huge potential, promise and...

10 Security Maxims Debunked

IT Security is a huge and daunting topic, it takes an expert to stay on top of everything!  So much information, so much conflicting advice, it's difficult to know where to start, but not all advice is good advice.  There are some common messages that we really don't like. Here's our top ten ways that our industry is getting it wrong:   1. "Security Is...

HR: Your Front Line in Network Security

HR has a huge role to play in the security of your networks   Yes, Human Resources. For all the effort your organisation expends to implement robust IT policies and infrastructure, the biggest threat to an organisation’s safety comes from its people. Whether through malice, ignorance or human error; the people in your businesses are the most likely...

Troubleshooting- The Most Expedient Improvement

If you have a problem, if no one else can help, and if you can find them, maybe you can hire the A-Troubleshooting Team. When you have a solution which isn’t working correctly, or you just don’t think it’s performing well enough, it’s common for organisations to think that a rip and replace strategy is better than spending the time to resolve...

Lessons from a UK Bank's Catastrophic Data Breach

I've been watching the news surrounding one of the UK's major retail banks aghast. I could ask "how could they let this happen" but it's obvious why it happened, and very sad. We have a major UK institution in crisis through ineffective security and archaic data architecture.  First of all there was a data breach following a system upgrade. This resulted...

Optimisation- Making the Most of your Existing Tools

One of the most annoying things I see on a daily basis is companies with great security products – huge capital expenditure, spent wisely on market-leading products which are great assets, but which are totally under-utilised and going to waste because the infrastructure, fundamentally hasn't been set up correctly. ​  Even worse, we sometimes come across...

How to Engage Us

Lithify is available for short or long term engagements, to help with a problem, to implement a specific project or as your preferred partner in IT Security. 

Contact us, book an initial (free of charge) consultation or request an urgent call back

Contact Us