ActiSoft Technology - Blog , Product NewsActiSoft Technology - Blog , Product Newshttps://www.actisofttechnology.com/blogs/product-newsWed, 22 Apr 2026 15:35:13 +0200http://zoho.com/sites/<![CDATA[Ransomware Downtime Costs for SME's Are 50 Times More than the Ransom Itself!]]>https://www.actisofttechnology.com/blogs/post/ransomware-downtime-costs-for-smbs-are-50-times-more-than-the-ransom-itselfBlog courtesy of KnowBe4 Written by Stu Sjouwerman No one has less cash on hand to spend on dealing with a cyberattack than the small business. New data ]]>
Blog courtesy of KnowBe4
Written by Stu Sjouwerman
No one has less cash on hand to spend on dealing with a cyberattack than the small business. New data shows ransomware is a challenge for SME's and they aren’t prepared for the costs.


No other malware type has evolved as much over the last 12 months as ransomware. The sheer number of attacks, the improvements in sophistication and efficacy are unmatched, and the ransoms are only getting larger.


But most still think this is an enterprise problem; nothing could be farther from the truth. In Datto’s Global State of the Channel Ransomware Report, we find that the SME is just as much a target of opportunity as the enterprise. And in many cases, despite it being impactful to the business, SME’s simply aren’t aware of the danger.
According to the report:
    • 70% of MSPs report ransomware as the most common malware threat to SMBs
    • Only 30% report that their clients feel ‘very concerned’ about ransomware
    • 62% of MSPs said clients’ productivity was impacted due to attacks
    • 39% said their clients experienced business-threatening downtime

What’s interesting is how the costs of ransomware has fluctuated over time. While the average reported ransom stayed largely flat – £4,500 in 2020 versus £4,200 in 2019 – the average ransom is 50 times higher - £205K!!!

According to Datto, the leading cause of ransomware attacks is successful phishing email attacks. This means that despite most SME's having security solutions in place (e.g., 59% have anti-malware filtering solutions implemented), it’s not enough. SME's need to add Security Awareness Training to their security to improve their security stance by incorporating the user as part of the security strategy.

Security Awareness Training is the answer to improve your security posture.

Free Ransomware Simulator Tool

Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?


KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 20 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

Here's how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 21 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
Get RanSim!
]]>Tue, 24 Nov 2020 15:35:24 +0000<![CDATA[KnowBe4's Security Awareness Essentials Certified in Association With the UKs National Cyber Security Centre]]>https://www.actisofttechnology.com/blogs/post/knowbe4-s-security-awareness-essentials-certified-in-association-with-the-uks-national-cyber-securitKnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today 912th November 2020) announced that it ]]>
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today 912th November 2020) announced that its Security Awareness Essentials course is now certified in association with the UK’s National Cyber Security Centre (NCSC, formerly GCHQ).


The NCSC’s certification program is designed to assure high quality training courses delivered by experienced training providers. Courses are assessed at two levels: Awareness for those new to cyber security to give a thorough foundation in the subject and application for anyone looking for in-depth courses for their professional development.
Security awareness training is critical to protect organisations from breaches. According to Carbon Black, 88% of UK companies have suffered breaches within the last 12 months. Social engineering attacks such as phishing rank as one of the top causes of breaches, reported by the 2020 Verizon Data Breach Investigations Report.


“Having our Security Awareness Essentials course, developed by one of our subsidiaries the Security Awareness Company, certified by the National Cyber Security Centre is a big step toward spreading more security awareness to end users throughout the UK,” said Steve Graham, SVP of Operations for UK & I, KnowBe4. “The Security Awareness Essentials course covers the basics that everyone should know when it comes to passwords and social engineering attacks such as phishing. This certification helps to distinguish some of our cybersecurity training as meeting a certain benchmark for standards in the UK.”


For more information on cybersecurity training offered by the National Cyber Security Centre, visit https://www.ncsc.gov.uk/information/certified-training. For more information on KnowBe4, visit our Security Awareness Training page

About KnowBe4

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, is used by more than 35,000 organisations around the globe. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organisations address the human element of security by raising awareness about ransomware, CEO fraud and other social engineering tactics through a new-school approach to awareness training on security. Kevin Mitnick, an internationally recognised cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped design the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organisations rely on KnowBe4 to mobilise their end users as the last line of defence.

Book a Demo
]]>Wed, 18 Nov 2020 08:33:06 +0000<![CDATA[Managing Compliance]]>https://www.actisofttechnology.com/blogs/post/managing-complianceWho loves that time of year when you have to start the audit for your Compliance Standard? How many people do you hear say, “Great, let’s do this!” or ]]>

Do you have challenging compliance requirements, not enough time to get audits done and keeping up with risk assessments is a continuous problem?

Who loves that time of year when you have to start the audit for your Compliance Standard? How many people do you hear say, “Great, let’s do this!” or “I’ve been so looking forward to this!”? Imagine the reaction if you have multiple Compliance Standards such as Lexcel, Cyber Essentials, ISO 27001 & GDPR!


I bet it isn’t many, if any at all! Why is that?

In most businesses there isn’t someone employed full-time to run and manage your Compliance Audit. It can be a time consuming and tedious task. 


You must get information from other departments that have other objectives to achieve and can be disinterested in the whole process. They have to try and remember what they did to complete the same request the previous year, this all fills your inbox with an almost endless stream of emails. 

Emails chasing for information, getting responses abdicating the required work to someone else, emails clarifying what is required, follow-up requests and the list goes on…

How does your constant chasing of colleagues go down with them, do they hide from you or pick up a phone and look busy when they see you coming?

The chasing of the vendors that you have sent 50-page generic compliance questionnaires to that bears little resemblance to the services that they provide to your business because you don’t have the time to tier and personalise them. Having received many of these over the years I know the groans that they cause. 


I can remember receiving one questionnaire from a large global enterprise that was many pages long and our answer to their 100+ questions was N/A, not a productive exercise for either party.


Do you send questionnaires out to your stationery vendor that contain a question asking if they carry the necessary insurance for working at height on-site? Do you send your SaaS vendor one that contains COSHH questions? 

Then you must enter the details into a myriad of complicated spreadsheets! The same spreadsheets you must manually keep up to date when compliance standards get updated or changed. I won’t even mention the disjointed collection of data! And once you have it all you have to present it to the auditor from all sorts of repositories.


Sound familiar so far?

All in all, it can become a very inefficient and costly exercise that doesn’t do a lot for morale.


Imagine if you had more than one Compliance Standard to manage! You may end up with different tools being used across multiple departments which does not aid in the company Management knowing where each one is in the journey.

Can you easily provide your boss or board with the status of your compliance process, what tasks are done, outstanding, overdue, identify any bottlenecks, what is the risk status and so much more or do you have to put in several hours/days in before they want a status update?


Is there a solution? Yes, there is.


KCM GRC (KnowBe4 Compliance Manager Governance, Risk & Compliance)

How does it take away the headache?


It is a SaaS platform that pulls all the tasks into one system. Allowing you to;


· Manage and Automate Compliance and Audit Cycles

Reduce the time you need to satisfy requirements to meet compliance goals with pre-built requirements templates for the most widely used regulations.

· Centralise Policy Distribution and Tracking

Save time when you manage distribution of policies and track attestation through campaigns.

· Identify, Respond, and Monitor Your Risk

Simplify risk initiatives with an easy-to-use wizard with risk workflow based on the well-recognised NIST 800-30.

· Efficiently Manage Third-Party Vendor Risk

Easily pre-qualify, assess, and conduct remediation to continually monitor and keep track of your vendors’ risk requirements.


You can link control tasks across multiple Compliance Standards to remove duplication of effort.


Audits can easily be done remotely decreasing the time taken to complete. You can also, easily and comprehensively, update your stakeholders where you are in the compliance life-cycle highlighting any bottle-necks and resource requirements.


The KCM GRC platform is offered in different packages to meet the needs of all organisations and is available with the following modules to choose from:


• Compliance Management

• Policy Management

• Risk Management

• Vendor Risk Management


It has 80+ Templates that are managed and maintained by KnowBe4, examples are Lexcel, Cyber Essentials, PCI DSS, ISO 27001, FCA Handbook and of course GDPR along with many others. For a full list Click Here


If you want to reverse the current sentiment and hear your team sincerely say, “Great, let’s do this!” or “I’ve been so looking forward to this!” visit our Product Web-page and Book a Demo to see how you can complete your audits in half the time at half the cost!


We look forward to starting to help you enjoy your audits! 


"Let's do this!"      



Actisoft Technology offers a Compliance Management software solution, please see our product page – Compliance Manager. We also offer Cyber Security Services and Products, including Security Awareness Training, to ensure that you can Work Securely, Everywhere, Everytime. This works whether you are in an office, from home and even the local coffee shop. Talk to us about how we can partner to ensure that your business is secure from current, new and emerging threats.

Book a Demo
]]>Tue, 14 Jul 2020 10:56:18 +0000