Since October 2022 Softline has been operating under the brand name Noventiq.
Cyberattacks are on the rise with more and more organizations experiencing attacks against their infrastructure. The number of cyber incidents has been increasing even faster in the last five years than before. In 2021 alone there were on average 270 attacks per company, an increase of 31% compared to 2020. As a result, cybersecurity has never been more important in business continuity to organizations of all sizes in every industry sector.
With attacks multiplying rapidly and becoming more sophisticated, relying on standalone solutions cannot provide adequate protection. Cybersecurity requires a holistic approach built on the company’s existing processes and future needs. At this point, a structured approach can help to identify the most important elements of cybersecurity in general, not depending on a specific solution.
The National Institute of Standards and Technology (NIST) introduced the Cybersecurity Framework recognizing the need for a comprehensive guidance for organizations to better manage and reduce cybersecurity risk. It is intended for any and all organizations regardless of sector or size. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications amongst both internal and external organizational stakeholders.
‘Instead of talking about specific solutions, we are leveraging structured approach based on Cybersecurity Framework to identify areas to strengthen. Our team can identify the company's current stage within their cybersecurity journey using the NIST Framework, determine the gaps then create measurable goals resulting in a sound and tailor-made cybersecurity strategy’ explains Nikolay Dinev, Services Lead of Softline Eastern Europe.
The Framework provides a structural approach towards cybersecurity and can show where the company is at the moment and what are the next steps to take. That’s the reason Softline incorporates it into their services when mapping and determining the current situation as well as the next steps. The structure, on which the framework was built, can uncover a lot of gaps in a company’s cybersecurity that otherwise remain hidden. It efficiently supports the overall cybersecurity journey from assessing to planning and implementing with measurable results. Moreover, the Framework is providing security controls and linkage to specific compliance frameworks like ISO 2700.
The Cybersecurity Framework includes five functions that were established as a full journey of cybersecurity:
Identify: this function assists in developing an organizational understanding to managing cybersecurity risk to systems, people, assets, data, and capabilities
Protect: to outline appropriate safeguards to ensure delivery of critical infrastructure services
Detect: the function defines the appropriate activities to identify the occurrence of a cybersecurity event
Respond: includes appropriate activities to take action regarding a detected cybersecurity incident
Recover: identifies appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident
‘Every type of company can benefit from the framework regardless of their cybersecurity preparedness. When you have a dedicated cybersecurity team and already implemented best practices, the framework can still uncover gaps. On the other hand, if your company wants to find the right starting point, then the framework can help defining a roadmap for you’, Nikolay Dinev explains the Framework’s versatileness.
Delivering benefits with proven solutions
‘We understand organizations don’t have the time for six-month long assessments in the current economic climate. In less than a month they can receive an assessment from us. After that we present a roadmap covering the field of Identity and Access Management, Threat Protection, Cloud Security and Information Protection and Governance. In these areas we have predefined scope and outstanding experience which help us to be very efficient in the implementation phase.’ says the expert.
Softline’s team of experts has outstanding experience incorporating various solutions into a comprehensive and secure infrastructure. Combining it with the Cybersecurity Framework we can identify and deliver the most fitting solution to your company. We believe in long term partnerships, so we support our customers in every step of the journey.
Ask for a consultation and learn about the steps to take for a reliable and secure environment.
 Accenture, State of Cybersecurity Resiliance 2021
In recent years, the alarming surge in email scams has been fueled by the emergence of malicious email campaign platforms, such as BulletProftLink, causing significant damage and financial loss. The threat landscape continues to evolve, with cybercriminals harnessing new technologies, including utilising localised IP addresses. In this article, we summarize the findings of the Microsoft Cyber Signal Report, shedding light on the escalating cyberattacks compromising business emails and exploring strategies to combat email fraud.
In the era of digital transformation and the rise of hybrid work models, cybersecurity's significance has surged. With cybercriminals evolving and exploiting every vulnerability, organizations must prioritize security. According to Microsoft, 98% of cyberattacks can be prevented by an adequately defended system. Read the summary of a Microsoft article which explores six core domains demanding attention: email, identity, endpoint, Internet of Things (IoT), cloud, external.
As an organisation grows, its information security system inevitably grows along with it. Sooner or later, all businesses end up asking themselves the same question — 'how can we keep track of all of this? Learn more about how to rely on Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) to improve your security visibility.
Днес 91% от хакванията започват с имейли за фишинг или насочен фишинг, като средство за кражба на самоличност или подкана за отваряне на зловредни файлове и линкове. Фишингът е ефективен, защото се възползва от човешките емоции и импулсивност, като по този начин цялата организация става уязвима.