Latest News and Opinions

IT Security is a huge and daunting topic; it takes an expert to stay on top of everything!

With so much information and so much conflicting advice, it's difficult to know where to start, and not all advice is good advice.

There are some common messages that we really don't like. Here are our top ten ways that our industry is getting it wrong:


1. "Security Is Everything"

No, it really isn't! Being you is everything!

The primary purpose of any large enterprise is to perform its service to the best of its ability and to stay ahead of its competition. The largest companies in the world all have well-defined objectives, mission statements and strategic goals. Security might be part of that, but it's a supporting function, not "Everything".

As an industry, we need to leave behind this myopic focus on ourselves and put the customer at the centre of the discussion.

2. You Need to be Afraid


Cyber security is necessary to protect against known and unknown threats to operations, reputation and employee safety. OK, that can be frightening, but once understood, this is simply a fact of life that needs to be addressed.

At present the industry is stuck in a culture of fear and it needs to be changed. We limit ourselves and our customers by talking this way. Security solutions, implemented properly, provide greater opportunity to excel. Once security is addressed, it provides a platform for creative freedom, entrepreneurship, and innovation. 

For example, few people are so afraid to drive cars that they won't get in one. Instead, we use seat-belts, air-bags and crumple zones to keep us safe, then we go where we wish, take corners quickly and drive at high speed on the motorway.

IT Security Solutions should remove fear, promote confidence and allow users to think big. 

3. Spending Big is Insurance Against Attacks

Absolutely not. 

Writing a big cheque can demonstrate board commitment to solving the problem, but investment alone won't cut it. Ensuring that what you invest in is installed, optimised and managed correctly just might. Better still, making the most of your existing investments can be just as productive.

There is no perceived "tick in the box" which can make the problem go away. It needs to be dealt with. Selling on fear belongs in the past. 

4. Security is an IT Problem

Sorry, no again.

Yes, cyber security is largely deployed in the IT office, but the implications of a breach are business-wide, and security considerations should be in the minds of every member of staff, especially the executive team. Security strategy should be set at board level and reviewed as an agenda item, and responsibilities should be owned by individuals and documented, with full procedures in place.

5. It Won't Happen to Us

Yes, it will and it does!

Every organisation, large or small, high profile or low key, is at risk. The threats are widespread. It's not whether it will happen, it's when. How you react and recover is most important. Without a robust security strategy, any enterprise is at risk, not just from attack, but from catastrophic failure when vulnerabilities are exploited and no remediation plan exists to put things right.

6. We're Safe in the Cloud, because large providers have security sewn up

No again. Read the terms and conditions and you'll find this simply isn't the case.

The advent of "Cloud" computing and resources for large enterprise gives exciting opportunities but also brings unique challenges which need to be addressed as part of base implementation. Cloud providers are great at securing data in and out of their infrastructure, but that's not enough for large enterprise.

Simply having rudimentary protection at ingress and egress points is woefully inadequate in a large data-lake. Security is also required to segment data fields, restrict access based on various parameters (e.g. user groups), and authenticate against multiple cyphers. If not considered at the architecture stage, Cloud deployments simply won't perform in the way we all hope.

7. Having a Plan on Paper is Good Enough

Nope. SHOW ME.

I can't remember how many contracts I've seen where service providers proudly state their DR policy and metrics about how often these policies are tested. 

Don't believe the hype: have it demonstrated before your own eyes. If a provider can't literally pull the plugs and show failover there and then, there's no guarantee it will work in practice. Whilst the payout from such a failure might be nice, it won't make up for the devastation caused by severe system downtime if something goes wrong.

8. My Application Providers Have my Back

Only partially, which is as good as not at all.

Application providers talk a good game about security and how their systems can be augmented to ensure security across your network, but this isn't the case. 

Any interaction between third parties and your core systems should be tightly controlled. We've lost count of the times we've seen holes punched through firewalls to enable a feature (support, monitoring, real-time updates, etc.). Unwittingly, these third parties cause vulnerabilities which even the most tentative security policies can't allow.

Furthermore, application providers often profess to offer security solutions which span your network, but this is rarely the case. At best, they provide a basic layer which addresses their own solution well, and the rest of the environment adequately/poorly/not at all. 

9. Point Solutions are Enough

Where there's a gap, there's a problem. 

There's a myriad of point solutions in the marketplace which profess to get you through. They're tempting when considering a specific project or an individual requirement, but they fall down where their remit stops and another starts. 

Good security should provide a solid foundation which spans everything you do, not just one specific aspect. Implementing a solid infrastructure, underpinned by great strategy is the only effective way to ensure your security is up to scratch. 

10. My IT Support (Generalists) know enough to get by

Maybe your guys are superheroes, but most aren't.

It's a lot to expect a generalist IT team to be across everything, supporting applications in service, maintaining hardware infrastructure and keeping your networks running smoothly. 

IT Security is a skill in its own right and expert help is needed to keep your investment running to the best of its ability. The biggest threat to security solutions is potentially the limitations of their implementation and ongoing management.

Getting experienced insight is worth every penny and frees your team to do what they do best. 



