Skip to main content
Monthly Archives

October 2022

IT security is first priority when preparing for risk

Fergal Meehan, head of government relations, Paradyn

Paradyn’s methodology uses a traffic-light system to explain to the business how vulnerable it is to cyber attacks


Organisations today are increasingly aware of the threat from cyber criminals. How they respond to it, however, is changing, with a growing emphasis on risk management.

As IT has grown to become central to the operations of every organisation a threat has grown with it: not only are cyber attacks increasingly common, in today’s hyper-connected world, the consequences of a successful one are worse than ever. In response to this, ever more sophisticated security solutions are being deployed, including the use of active threat hunting and artificial intelligence.

Beyond the technology there has also been a wider transformation. Increasingly businesses are looking to assess their readiness from the perspective of managing risk – and turning to specialist managed service providers to assess the risks to which they are exposed in order to prepare for them.

Of course, risk cannot be measured if the IT estate itself is not understood, so making sense of what systems an organisation uses is an essential first step.

“What we do is gap analysis, CIS and NIST, analysing the business from an IT perspective,” Fergal Meehan, head of government relations at managed security specialists Paradyn, said.

Paradyn’s methodology uses a traffic-light system to explain to the business how vulnerable it is, and where its weaknesses lie.

“If there’s something like a phone system, for instance, it will be a red, amber or green, and we then ascertain what the risk is to the business if it is amber or red. That’s very important for explaining it to management,” he said.

Working with public sector clients, Meehan found these organisations were leaning more than ever into taking security seriously and were now ahead of some areas of the private sector.

“Procurement can be an issue. Public bodies tend to know what they want, but the procurement process can be difficult,” he said.

“Certainly, we’ve seen a lot of growth in awareness of security.”

First and last line of defence

With IT security, the mantra has long been that attacks are not so much a case of ‘if’ as of ‘when’. With that in mind, information security itself, important as it is, is not the only method of managing and mitigating risk.

Meehan said that alongside traditional security measures, any serious risk mitigation strategy will take backups very seriously indeed as getting an organisation back up and running after a problem or breach is one of the most crucial tasks.

“A lot of the time it comes down to backups. You can have all of the systems and hardware in place, but at the end of the day the key defence is the backup,” he said.

This does not mean that security is less important, and Meehan advocates a ‘zero trust’ model that starts at the device. It is a case of acknowledging the reality of the growing threat and ever-widening attack surface.

“There is no such thing as being risk free, so what’s the next best thing? Well, to have good, good backups. Ransomware is one of the best-known threats

Backups themselves can be, and often are, a target too, and so they need to be unalterable. If they are not, then attackers can encrypt them meaning a business will not be able to get up and running again after an attack.

“[We do] off-site backups, which links into the space around disaster recovery. We airgap the backups, creating immutability. This means you have a read-only version of the backups, so they themselves are protected from the threat of ransomware,” he said.

Working with a managed service provider, businesses can set recovery time objectives and recovery point objectives, as well as a comprehensive service level agreement. After this, however, they should not just sit back and relax. In order to ensure that they actually work when they are called upon, back-ups need to be tested.

“It’s important that you do your tests, and if you don’t have the expertise in house your service provider can do it for you. You do get customers who prefer to do it themselves as it means they don’t have their eggs in one basket: they have the backup as a managed service but they do their own testing in-house,” Meehan said.

Of course, one reason to have a managed service provider perform regular testing might be because an organisation has no internal IT team. Another, however, might be that the IT team is already overworked just keeping the lights on, and this is precisely when the risk of a breach will be at its highest.

“Even those that have IT departments are so stretched these days, particularly with cybersecurity,” Meehan said.

Click here to discuss your backup requirements in more detail.

Paradyn delivers cloud back-up to over 20,000 Microsoft365 accounts

Cybersecurity expert implements watertight back-up solution for Microsoft365 data


Company data is one of the most crucial elements of any business, but are you keeping yours secure enough? Data is facing ever-evolving threats such as deletion, corruption and ransomware attacks, and companies need to ensure that it is secured, compliant and quickly recoverable.

Do you know that backing up your Microsoft365 (M365) cloud data is your responsibility? Paradyn can help you to protect your entire M365 environment across Exchange Online, SharePoint Online, OneDrive for Business and Microsoft Teams, with a cloud solution including automated back-ups and full data restoration.

Innovative back-up technology

Data hosted at Paradyn’s secure Irish-based data centres together with innovative Veeam back-up technology ensures no downtime for customers in the event of an incident, enables speedy disaster recovery, and eliminates data loss. All customers have access to a self-service portal where they can carry out information recovery and restores, in cases of accidental or malicious deletion. Paradyn can also restore any data that has been deleted.

Without back-up for Office 365, you have limited access to and control of your own data. You can fall victim to retention policy gaps, data loss dangers and open yourself up to serious internal and external security risks, as well as regulatory exposure. Paradyn’s solution can help to protect your critical data and ensure business continuity.

Paradyn is one of Ireland’s leading cybersecurity service providers, with a security-first approach to implementation, monitoring and ongoing support. Its team of highly trained network and security consultants deliver best-in-class advice and support, enabling customers to reduce their cyber risk and focus on delivering their core business activities.

Click here to discuss your backup requirements in more detail.