UK organisations must get cyber-security fundamentals right, experts say

A new report says many are using outdated and unsupported operating systems.

Almost seven in ten London borough councils use operating systems which are no longer supported by their manufacturers, a new report by Databarracks has shown. This is putting the councils at significant and unnecessary cyber-security risks, as unsupported systems can be vulnerable to old and known flaws.  Databarracks is basing its report on a Freedom of Information (FOI) request. 

Most rely on Windows Server 2003 (63 per cent – lost Microsoft’s support on July 14 2015), SQL Server 2005 (51 per cent – lost support on April 12 2016), and Windows Server 2000 (10 per cent, lost support July 13 2010). 

“It is easy for organisations to become paralysed by the choice of security options, but it is absolutely vital to not neglect the basics and to deliver a solid baseline,” commented Peter Groucutt, managing director at Databarracks. 

“This starts with reviewing and auditing their IT infrastructure and upgrading to supported software versions. Being secure in 2017 doesn’t necessarily need to see huge investment in advanced cyber security solutions, but it does need to be the year that we ensure our fundamental security practices are up to scratch.”

“Advanced threat monitoring and alerting services, for example, are fantastic but expensive and difficult to configure correctly and to maintain. Investment in the latest software is useless if it’s not being used effectively – in reality, you’ll likely be no better protected.  

Image Credit: Elena11 / Shutterstock