Managed Cybersecurity Services

It's time for businesses to get REAL about cyber security. To many times we hear "Cybersecurity doesn’t apply to me because my business is too small to matter." or "Cybercriminals would never bother hacking us because we don’t have any valuable data or many financial assets."

Sure the big breaches (like the Waikato DHB here in NZ or the Industry giants overseas) always get headlines in the news. The media are like that. However small to medium sized businesses are getting hammered too. Add to that recent changes to the NZ privacy act where it is now the business owner's responsibility to keep customer data safe or face huge fines.
Read more: Link to Article about Privacy Breach Reporting with $350K fines

Antivirus software on its own is no longer enough to keep the cyber criminals away. The threat landscape has changed drastically. Active threat hunting is now one of the "must haves" (amongst other things) for good cyber security.

Typically our Managed Cyber Security Stack is based on a "Good" "Better" "Best" levels of offerings for our clients dependent on their needs, company size, budget and complexity.

At the very minimum your business needs (Level = Good):

  1. Staff awareness training and reviews.
  2. Strong password policies and User Access rights.
  3. Managed endpoint protection software powered by AI.
  4. Active threat hunting and monitoring
  5. Advanced email scanning which is independent from your email provider and with "safe links" enabled.
  6. Managed Microsoft and 3rd party Security patches and updates.
  7. A robust backup system and business continuity recovery plan.
  8. A proper business grade firewall


Most of this is "just too hard" for smaller businesses to manage without their own dedicated security orientated IT staff. This is where CT Business Solutions as an IT service provider fits in. At CT we offer a Monitored and Managed Cyber-Security Service for small to medium sized businesses that essentially shares the cost of putting together and operating these many parts on a "per user" basis accross our many clients.

Below is a discussion point raised the other day when a discussion arose amongst us and some of our US colleagues. We were talking about cybersecurity and how to handle the attitude of many small businesses that feel they are too small for the hackers to bother with.

For what it is worth the author has posted the comment below even though it was written by someone else in the USA.

“We’re too small” – Actually in the SME business world that is the biggest misconception there is. The media only focuses on huge companies when it comes to being hacked and never report on small businesses because the headline isn’t as juicy. The problem is that most of the hackings happening today are to small and medium size businesses, most of whom thought they were too small to worry about it. According to Forbes 43% of all data breaches involved small and medium size businesses. 61% of all SMB’s have reported at least one cyber attack during 2021. 83% of all SMB’s are not financially prepared to recover from a cyber attack and 43% of SMB’s don’t even have any cybersecurity plans in place. The bad thing is, according to the President of the United States and the Director of Homeland Security, cyber attacks are only going to increase and instead of trying to protect your self from someone who lives in Mommy’s basement you’re going up against nation states, with plenty of financial resources and 100’s if not 1000’s of hackers, all with nefarious intentions.

Here is link to two Free Tools. Please use these to Check if your email has been breached, or if your password is secure. Given that 93% of all cyber breaches start with an email, these are the two most basic level checks you can perform to reduce your companies' security risk footprint.
Email Breach Tool | Password Security Tool

Related Services:
Managed Services
Business Backup Solutions
Sophos Advanced Email Protection
Has Your Email Been Breached?
Are You A Sitting Duck?


Related CT Blog Articles:
Strong Passwords are Vital
Make Sure Your Cloud Server is Protected from This
Why You need to Backup Your Microsoft 365 Data

Further Technical Information:


If you have read this far then that is good, however the author feels this technical content below may well bore you, or be something you don't really want to know about as long as your Managed IT Service Provider is doing a good job of looking after these things for your company.

1) Staff Training: A good cyber security culture amongst your organisation is essential. Staff, contractors and anbody who connects to your IT systems must be trained in your security culture. CT can help with educational materials, staff sessions/talks, and even sending random fake scam emails to test how well the education is going.

2) Most businesses have ongoing staff changes as employees move, leave and join the organisation. Employee induction and IT policies need to be a key part of these moves adds and changes to your business.

3) Passwords. As a general rule people hate passwords. Technology to erase that need is being developed, but it's not mature yet. Passwords can be made difficult to crack but relatively easy to remember with a bit of imagination. There's a link to a password tool earlier on this page. Try password vs. 7x11=SeventySeven to see the comparison in time needed to crack.

4) Moves Adds and Changes. We have seen many instances of a user leaving, and being replaced with another staff member. Let's say Mary leaves and is replaced by Susan. Later down the track (usually after a problem) we find Susan is still logging in as Mary, because nobody understands both the security risks and how to change the profile. Susan logs in as Mary as there is an application, email or "saved passwords" she needs to do her job. Your managed IT services provider does know all about what to do here, and no doubt those kind of moves and the time involved to remediate will be part of the support contract. In bigger organisations a change management request is usually submitted by a supervisor, but some smaller businesses think that is too draconian. At any rate communication between the supervisor or employee and the IT provider is the key.

5) Web browsing. Many viruses, ransomware, annoying pop-ups etc, are caused by browsing to websites that have been compromised. Often this browsing could be from a malicious link in an email, or just plain careless browsing. For smaller customers (say 1-4 users) this can be controlled by a clever Antivirus System (Naturally ours is the best) or in larger organisations the firewall deployed has Unified Threat Management (UTM) as part of its included services and takes this protection to another level again. UTM can also ensure that employees are conducting themselves within company policies regarding use of IT equipment etc. For employees away from the company firewall, a Clever Antivirus System syncronises with the firewall to protect those users and ensure company policies are adhered to.


Last Updated: 16/04/2023
Service: Managed Cybersecurity
Author: Dennis Jones | CT Business Solutions