The BUI cybersecurity team leverages the intelligent cloud to help safeguard business organisations.
Be proactive about cyber crime response and prevention.
BUI Cybersecurity Unit
As an independent business unit within BUI, our cybersecurity experts have an authoritative mandate.
The BUI Cybersecurity team interacts directly (in a consultative role) and indirectly (in an auditing role) with our customers. They ensure security is top of mind for our cloud consultants and customers alike.
“To competently perform rectifying security service, two critical incident response elements are necessary: information and organization.”
― Robert E. Davis
“Security leaders are under a lot of pressure to show quick wins while knowing full well that everything they do will be heavily scrutinized and challenged, and ultimately, they will pay the price for things that are not under their control.”
— Yaron Levi, CISO
"Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say."
— Edward Snowden
BUI Cybersecurity Pillars
BUI will assess your environment and identify the controls needed to define, implement and maintain a robust cyber security practice. Cybersecurity controls are based on three pillars: people, processes and technology. Using a three-pronged approach assists in protecting you from both organized and opportunistic attacks, as well as internal threats, such as phishing scams.
BUI uses risk management (heatmap) to ensure these controls are aligned to risk severity and deployed cost-efficiently.
Every employee has a responsibility to reduce cyber security threats and needs to understand their role in protecting the organisation's assets.
Our cybersecurity SoC team stays current with the latest cyber risks and solutions, and keeps its qualifications up to date, so it can better support BUI and our customers.
The organisation's cyber security stance is documented in processes and procedures, which need to be communicated to all employees.
The BUI Cyber SoC team is responsible for documenting processes, clearly defining roles and responsibilities, and specifying the procedure to follow when a threat emerges. The cyber landscape is one of constant change, so processes are regularly reviewed to account for the latest cyber threats and responses.
They can review and advise on your cybersecurity policies and procedures.
While security measures are a big part of the cyber security strategy, technical controls and analysis are essential: technology such as access controls, antivirus, firewalls and AI can mitigate cyber risks or provide useful insights.
BUI's cybersecurity SoC monitors, trends and tracks risks for BUI and our customers, detecting and responding to threats as they appear.
Why is Cybersecurity important?
Cyber attacks have become highly sophisticated and can remain undetected for months. Discovering and responding to breaches too late can have devastating consequences for your business. We have identified the top reasons why cybersecurity should be important to you.
The Cost of Data Breaches
The cost of a data breach can be measured in financial and non-financial terms. Privacy laws can mean significant fines for organisations, on top of lawsuits and other financial damages. Organisations also need to consider organisational sustainability and reputational damage.
Sophisticated Cyber Attacks
Cyber attacks are growing in sophistication, with attackers using an ever-expanding variety of tactics, including social engineering, malware and ransomware.
Cyber Attacks are Lucrative
Cyber attackers seek some kind of benefit and will continue to invest in various techniques to achieve their goals, whether those goals are financially, politically, intellectually, ethically or socially driven.
Cybersecurity is a Board-level Issue
The board seeks assurances from management that cyber security risks are managed, keeping cost and operational impact limited. Cyber risk strategies need to reduce the risk of attack, thus improving risk postures.
Phishing, an old but still popular tactic, is a social engineering attack that tries to trick people into divulging sensitive or confidential information. Not always easy to distinguish from genuine messages, these scams can inflict enormous damage on organisations.
Social engineering comes in more forms than just phishing, but is always used to deceive and manipulate victims in order to obtain information or gain access to their computer. This is achieved by tricking users into clicking malicious links or by physically gaining access to a computer through deception.
A DDoS (distributed denial-of-service) attack attempts to disrupt normal web traffic and take a site offline by flooding a system, server or network with more requests than it can handle.
A virus is a piece of malicious code that is loaded onto a computer without the user’s knowledge. It can replicate itself and spread to other computers by attaching itself to another computer file.
Worms are similar to viruses in that they are self-replicating, but they do not need to attach themselves to a program. They continually look for vulnerabilities and report any weaknesses they find to their creator.
Malware is a broad term used to describe any file or program intended to harm a computer, and encompasses Trojans, social engineering, worms, viruses and spyware.
A Trojan is a type of malware that disguises itself as legitimate software, such as virus removal programs, but performs malicious activity when executed.
One of the fastest-growing forms of cyber attack, ransomware is a type of malware that demands payment after encrypting the victim’s files, making them inaccessible. Be aware that paying the ransom does not guarantee the recovery of the encrypted data.
Spyware/adware can be installed on your computer without your knowledge when you open attachments, click malicious links or download malicious software. It then monitors your computer activity and collects personal information.
A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server that uses SQL. SQL injections are only successful when a security vulnerability exists in an application’s software. Successful SQL attacks will force a server to provide access to or modify data.
An MITM (man-in-the-middle) attack occurs when a hacker inserts themselves between the communications of a client (device) and a server. MITM attacks often happen when a user logs on to an insecure public Wi-Fi network. Attackers are able to insert themselves between a visitor’s device and the network. The user will then unknowingly pass information through the attacker.
Cyber criminals are constantly identifying new vulnerabilities in systems, networks or applications to exploit. These activities are conducted via automated attacks and can affect anyone, anywhere.
Using outdated (unpatched) software opens up opportunities for criminal hackers to take advantage of vulnerabilities to bring entire systems down. A zero-day exploit can occur when a vulnerability is made public before a patch or solution has been rolled out by the developer.