MSSP Thrive has announced Scott Steele will be the company’s new COO. Steele joins Thrive from Hewlett-Packard (HP) where he served as the VP and head of managed services systems within the Digital & Transformation organization. He played a pivotal role in transforming HP’s Managed Services Partner business with rapid global scale and expansion, according to a statement from Thrive. As COO, Steele brings expertise in operations management, digital transformation and business process automation. Steele’s new role comes at a time of rapid growth for Thrive, which has completed ten acquisitions over the past two years, as well as double-digit organic growth via widespread adoption of their platform. Congratulations!
Scott Steele Joins Thrive as Chief Operating OfficerVeteran HP executive joins leading global technology outsourcer to support long-term growth and unrivaled customer service
Boston, MA, June 26, 2024 – Thrive, a global technology outsourcing provider for cybersecurity, Cloud, and traditional managed service provider (MSP) services, today announced Scott Steele is joining the company as Chief Operating Officer. Steele will bring his expertise in operations management, digital transformation, and business process automation to help Thrive navigate the complexities of the evolving industry and ensure the company continues delivering exceptional value to clients.
Steele joins Thrive most recently from HP, where he served as the VP and Head of Managed Services Systems within the Digital & Transformation Organization. In his role, he was responsible for leading HP’s services transformation and business model enablement. Steele played a pivotal role in transforming HP’s Managed Services Partner business with rapid global scale and expansion. Prior to HP, Steele held several leadership positions in the cloud and data center solutions space at companies like Hewlett-Packard and NER Data Products.
“Thrive’s mission has always been to empower our clients to harness the promise of technology and we are constantly looking for leaders who will help us deliver on this promise, and help the company advance and reach new heights along the way,” said Bill McLaughlin, President at Thrive. “Scott’s proven track record of driving process, scale, and transformation growth at leading global organizations makes him an excellent addition to Thrive’s client-focused team where he will continue to drive innovation.
The addition of Steele comes at a time of rapid growth for Thrive, having completed ten acquisitions over the past two years, as well as double-digit organic growth via widespread adoption of their cybersecurity, Cloud, and next generation managed services platform. The company continues to release additional offerings to help clients better safeguard their business – including Thrive Incident Response & Remediation and Dark Web Monitoring.
“Throughout my career, I have been passionate about implementing business transformations grounded in the client experience and delivering outcomes that have real impact,” said Scott Steele. “I’m looking forward to working alongside the Thrive team to deliver unrivaled digital transformation services to our loyal customers.”
About Thrive
Thrive delivers global technology outsourcing for cybersecurity, Cloud, networking, and other complex IT requirements. Thrive’s NextGen platform enables customers to increase business efficiencies through standardization, scalability, and automation, delivering oversized technology returns on investment (ROI). They accomplish this with advisory services, vCISO, vCIO, consulting, project implementation, solution architects, and a best-in-class subscription-based technology platform. Thrive delivers exceptional high-touch service through its POD approach of subject matter experts and global 24x7x365 SOC, NOC, and centralized services teams. Learn more at www.thrivenextgen.com or follow us on LinkedIn.
Contacts
Amanda Maguire
Thrive Fortifies Zeus Capital’s Secure Expansion in the UK Financial Services Sector Download Now
Zeus Capital, a Manchester-based investment banking firm, sought to strengthen its information security measures amid a shift towards technology integration. This case study outlines how Thrive, a trusted security partner, assisted Zeus with cost-effective cyber security assessment-tailored solutions.
Zeus faced the challenge of managing its information security with a limited internal IT team. With the company’s expansion and increasing reliance on technology, Zeus sought a solution that would provide a comprehensive assessment within budget and adhere to specific requirements. However, it needed more expertise and resources to do so internally. In the wake of significant changes, Zeus prioritised aligning its cybersecurity practices with financial services industry standards.
Why Thrive Was Chosen
Recognising the need for a trusted partner, Zeus selected Thrive based on their extensive expertise in the investment sector and proven strategic consulting capabilities. Unlike competitors pushing unnecessary services, Thrive’s commitment to understanding Zeus’s needs and fostering a long-term partnership resonated with the company’s objectives. Thrive developed a customised cybersecurity framework for Zeus, aligning it with their unique business model and risk appetite. Thrive’s receptive approach, thorough understanding of Zeus’s objectives, transparent methodology, and breadth of capabilities to further support Zeus on their cyber initiatives set them apart.
Strategic Deployment of Advanced Security Measures
As an FCA-regulated investment bank, Zeus wanted an independent third-party evaluation relating to cybersecurity to demonstrate their commitment to secure digital operations. Thrive conducted a Cybersecurity Risk Assessment for Zeus, evaluating its security policies, processes, and controls against the globally recognised CIS framework. This assessment provided Zeus with a clear understanding of its security posture and identified areas for improvement. Thrive then conducted an autonomous penetration test, a simulated cyber attack on Zeus’s systems, to identify potential security gaps and take proactive measures to address them. With this knowledge, Zeus remediated its weaknesses, presenting a robust security strategy to its board.
Thrive’s Impact
Thrive’s impact on Zeus has been transformative, affirming the effectiveness of its pre-existing security measures while identifying areas for improvement. After a thorough Cybersecurity Risk Assessment and subsequent penetration test, Thrive provided Zeus with a clear understanding of its security posture and actionable insights to mitigate risks. This reassured Zeus’s board about regulatory compliance, ensuring the company meets all necessary security standards. Additionally, Thrive’s services have enhanced staff awareness about cybersecurity, equipping them with the knowledge and skills to identify and respond to potential threats. Thrive’s expertise, collaborative approach, and commitment to ongoing support have enabled Zeus to enhance its security posture effectively and safeguard its business and staff from potential threats.
“Thrive’s approach was not just about ticking boxes; it was about truly understanding our security posture and helping us navigate the complexities of cybersecurity in our industry. Their partnership has been instrumental in affirming our security foundations and identifying areas for improvement,” ~ David Boulton, Head of IT at Zeus
About Thrive
Thrive delivers global technology outsourcing for cybersecurity, Cloud, networking, and other complex IT requirements. Thrive’s NextGen platform enables customers to increase business efficiencies through standardization, scalability, and automation, delivering oversized technology returns on investment (ROI). They accomplish this with advisory services, vCISO, vCIO, consulting, project implementation, solution architects, and a best-in-class subscription-based technology platform. Thrive delivers exceptional high-touch service through its POD approach of subject matter experts and global 24x7x365 SOC, NOC, and centralized services teams. Learn more at www.thrivenextgen.com or follow us on LinkedIn.
Thrive Spotlight: Felix Ilionskiy – vCIOWelcome back to another installment of our “Thrive Spotlight” blog series.
Our featured employee is Felix Ilionskiy, vCIO. In his role, he discusses and develops clients’ company goals, reviews and addresses any technical challenges, reviews roadmaps to address any new developments or requirements, as well as serves as an advisor on overall security posture regarding the latest cyber security recommendations. Much of the position is working with clients to strategize long team goals and use of new advancements in technology so that any challenges can be addressed, and goals can be met to keep everything top notch. Felix is based out of Brooklyn, NY and works out of our New York City office.
Outside of work, Felix enjoys spending time with family and friends and spending weekends enjoying outdoors, art, theater, and sports. He trains in Brazilian Jiu Jitsu and enjoys volleyball, ping-pong, scuba diving, billiards, and long walks with his dog.
Hi Felix! Can you tell us about your background and how you came to Thrive?
Since I got degrees in both computer/information science and math in college, I was planning on becoming an actuary, however I found programming to be more interesting. For about 8 years, I worked as a software developer working on accounting and reference data applications and coded in C++ programming language. I then joined InfoHedge MSP and built financial applications implementation practice to assist clients with any custom applications/integrations. I then pioneered an Application Hosting vertical within the firm to offer various Application Hosting services for accounting, trading, and portfolio management application environments. I joined Thrive by way of acquisition in the summer of 2018 and initially continued to run the Application Hosting vertical until I joined the vCIO team to provide technical advisory services to our clients.
Where did you go to school or get training?
I attended Brooklyn College where I got degrees in Computer/Information Science and Math.
What do you most enjoy about working for Thrive?
There are too many things to list but I will give you my top 3. I get to work and have full access to all Thrive teams that are SMEs in their own IT areas. I get to work on different challenges our clients are facing and come up with solutions for them. I also get to see firsthand all the new emerging technologies that Thrive integrates with and offers to our clients and trains us on. This allows me to stay up to date on all new developments which makes things interesting and gives me a challenge and ensures no two days are the same.
Are there any recent exciting projects at Thrive you can tell us about?
I am currently working on several exciting projects. We are onboarding a client that had on-prem domain and file servers and fully converting and migrating them to SharePoint Online. For another client, we are upgrading their application, database, and web server stack from Windows Server 2012 to a mix of Windows Server 2019 and 2022 versions hosted out of the ThriveCloud. I am also working on a project building out a new SS&C Geneva Application and Geneva Core environments with dedicated client Citrix environment for more streamlined remote application access.
Are you interested in learning more about Thrive? Click here!
Don’t forget to follow us on Twitter and LinkedIn for the latest news, and continue checking our blog for more in our “Thrive Employee Spotlight” series. Until next time…
Guarding Britain’s Health: Strengthening Cybersecurity in the UK Healthcare SectorThis month, NHS London was victim to a brutal cyberattack, forcing admin to cancel operations and transfer emergency patients to alternative centres immediately. Among those affected are some of the best-known hospitals in the country, such as King’s College Hospital, Guy’s and St Thomas, and, unfortunately, the Evelina London Children’s Hospital and the Royal Brompton.
However, this problem is a familiar one. Back in 2020, the first death by ransomware was ruled in Düsseldorf. An attack paralysed the hospital’s systems to the extent that it was forced to pause all admissions to its A&E department. This resulted in hospital staff frantically diverting inpatients to a city 19 miles away, proving fatal for one woman. Then, in August 2022, the UK’s NHS 111 service was taken offline by a severe cyberattack, also through its supply chain, via its service provider, Advanced, which meant that 40 million people were denied access.
This illustrates the gravity of ransomware attacks on the healthcare sector. In this blog, we will delve deeper into recent trends so your company can maintain agility in the face of ever-evolving and ruthless attacks.
Complex supply chain
Britain’s NHS delivers care to 68 million people and is one of the world’s largest employers, providing work to 1.7 million people. Still, it is behind only the US and Chinese military, Walmart, and McDonald’s. Despite its vast size, it was successfully breached earlier this month and continues to suffer significant disruptions, such as six entire NHS trusts. Many GP practices are spread across southeast London, serving 2 million Brits. This is due to a breach in Synnovis, a private firm that the NHS uses to examine blood tests.
A senior NHS source warned that it would take “many months” to resolve and that it is not yet clear “how the hackers gained access to the system, how many records have been affected and whether these records are retrievable.” As a result, even an entity with the enormous infrastructure of the NHS has been forced to dust off a paper records system, where patients’ information is printed and blood samples hand-delivered by porters.
Already in 2022, the NHS suffered a severe ransomware attack caused by a violation of its Adastra software, which was operated by a third party. Was this a test of the NHS supply chain? This ransomware attack not only caused financial disruption but also distress to patients in the care homes whose data was sold.
Attacks continue. Earlier this year, in March 2024, NHS Dumfries & Galloway was hit by an attack that caused widespread distress and the release of confidential patient data. The implications and investigations of this attack are ongoing, and public concern continues.
Why is the UK healthcare sector so vulnerable?
Martin Lee, Cisco’s UK-based security research lead, warns: “When healthcare systems and data are unavailable, lives are potentially at risk. This makes the sector a tempting target for criminals. Outages put pressure on management to pay off the attackers to restore availability quickly. However, paying the ransom means that these attacks remain profitable and ultimately only serve to encourage further attacks.”
According to a report by Cisco’s Talos threat intelligence division, healthcare providers were the most targeted by ransomware gangs last year. The report attributed this to these organisations having “underfunded budgets for cybersecurity and low downtime tolerance.”
The figures back this up, as this marks the third time that Synlab and Synnovis have been attacked, affecting pathology services across Europe. For example, in June 2023, the ransomware gang Clop breached the French branch and stole data, while earlier this year, Synlab’s Italian subsidiary was hit by a separate ransomware group, Black Basta. The group gained access to around 1.5TB of data and published it in its entirety when no final ransom was paid.
A similar attack was the one on the Finnish mental health giant Vastaamo in 2020, where a copy of all data on the system was sent to the attacker. This included names, addresses, and notes from the therapist on each private session. The work therapists do in dealing with people’s deepest fears and secrets is naturally a very sensitive one, and this attack was devastating for the mental health of its victims. Vastaamo has now ceased trading.
Concerns over the potential escalation of these attacks had been raised in Parliament in 2023, as the increasing use of digital healthcare in the UK means that more critical equipment and systems are connected to the internet, making them a potential target for cybercriminals. However, in a post-COVID world, the use of telemedicine is increasing. In 2023, the NHS began circulating information on ‘Connected Medical Devices’ cyber vulnerabilities to its staff. In February 2024, the World Economic Forum went so far as to name the Healthcare sector as the biggest target for cybercrime due to the critical data it holds and the online devices controlling people’s lives.
How has unpreparedness for attacks recently affected the healthcare sector?
The desperate need to get back online is one of the reasons why 38% of healthcare organisations are reported to have paid a ransomware fee. A 2022 survey of 100 cybersecurity managers in the UK health sector found that 81% of healthcare organisations in the UK had been hit by ransomware in the previous year. Whilst 38% paid the ransom to regain their files, 44% refused to pay and lost their healthcare data. Close to two-thirds (64%) of respondents admitted their organisation had to cancel in-person appointments because of a cyber-attack.
Even unexpected sources can be vulnerable in the healthcare sector. The London Borough of Camden recently warned of a risk to personal data after one of their suppliers of beds, hoists, and grab rails was attacked. Computers attached to MRI machines, CT scanners, blood pressure and heart-rate monitors are vulnerable and provide back doors into connected systems.
How can you protect your business?
These numerous and ruthless attacks serve as another reminder to have the measures in place to prevent you from being caught off guard. The NHS experience illustrates how even large, well-resourced providers can be vulnerable to prolonged disruptions if proper security measures are not in place. The UK government has committed to a series of measures to support healthcare providers by 2030. Still, in the meantime, businesses in the supply chain must take appropriate measures to keep defences high.
At Thrive, we specialise in providing industry-leading cybersecurity solutions tailored to you and your staff’s needs. Our team of experts can work closely with your organisation to identify vulnerabilities, implement robust safeguards, develop incident response plans, and ensure you have the defences to maintain operational resilience in the face of ransomware and other malicious attacks.
Don’t leave your systems, data, and, most importantly, your patients at risk. Contact Thrive today to learn how we can fortify your company and give you the peace of mind to continue delivering essential services without disruption. Protect your operations, reputation, and ability to contribute to life-saving care with Thrive as your trusted cybersecurity partner.
Strengthening Financial IT Resilience: Navigating DORA Compliance with Thrive (Part 1)Overview:
The Digital Operational Resilience Act (DORA) was enacted on January 16, 2023, and will be enforced starting January 17, 2025.
DORA aims to ensure the IT resilience and security of any financial entity (FE) in Europe and their ICT providers, including banks, crypto, insurance, and investment firms, even during severe operational impacts like denial of service (DDoS) cyber-attacks and ransomware. Thrive can assist in the key areas that support compliance with DORA.
Third-Party Risk Management:
For DORA, this is the most significant and underestimated work for firms with the usual resilience. DORA mandates the analysis, contractual documentation, and management of third-party risks. Thrive enhances security by ensuring essential third-party providers are evaluated, documented, approved, monitored, and managed.
Oversight of Critical Third-Party Providers:
DORA requires an oversight framework for critical third-party providers. Thrive enhances transparency and accountability within this ecosystem, ensuring essential services remain accessible under challenging circumstances.
Incident Response and Reporting:
Thrive facilitates comprehensive incident response processes, enabling IT teams to troubleshoot devices promptly, diagnose issues, mitigate and remediate systems, apply patches, and recover systems. This also helps to ensure timely reporting and resolution of operational disruptions.
Testing and Resilience Assessment:
Thrive supports complete digital operational resilience testing or disaster recovery and business continuity in existing terms. Testing these plans helps institutions evaluate the effectiveness of alternative processes and seamlessly switch to secondary methods during disruptions.
Audit Trails and Logs:
Thrive generates detailed audit trails and logs of user activities, assisting organisations in demonstrating compliance with DORA’s requirements. This will also facilitate information sharing around threats seen or experienced, particularly zero-day attacks.
Responsibility and Accountability (i.e. Governance):
DORA establishes clear responsibility for operational resilience at the highest levels of a firm, including the Board and senior executives (CxOs). They play a crucial role in implementing DORA’s essential components.
Critical Plans (i.e. Risk Management Framework):
Board members and senior executives will need to approve critical plans related to operational resilience. These plans include the firm’s digital operational resilience strategy and its policy regarding ICT Third Parties (TPs). DORA is acknowledged as best suited to ISO 27001 – more on this in part 3 of this blog series.
Daily Operations:
Senior leaders are also responsible for making decisions integrating DORA’s requirements into the firm’s day-to-day operations. This involves setting risk tolerance levels and prioritising actions to address identified operational vulnerabilities.
In simpler terms, DORA ensures that financial institutions and technology partners are well-prepared to effectively handle disruptions and cyber risks. It’s all about making sure our FEs stay strong and resilient!
Part 2 of this blog series will examine the EU’s process to get to where we are from the initial 2023 effective date. The EU set up numerous European consultations with FEs and conducted dry runs with well-known participants, particularly on the third-party risk management process and expectations. Feedback is contained in many fascinating spreadsheet entries. Many lessons have been learnt and challenges raised, where the EU believes that requirements are reasonable, but the industry may have alternative views.
Responses to public consultations on DORA 1st batch.xlsx (live.com)
In conclusion, Thrive is crucial in bolstering our client’s operational resilience through our own operationally resilient platform and business, reducing dependency on single systems, teams, or procedures, and enhancing risk management in the financial sector in alignment with DORA’s objectives.
Graphic Source: https://kpmg.com/lu/en/blogs/home/posts/2023/04/dora-regulation-all-your-questions-answered.html
New VMware Licensing Changes under Broadcom create Choppy WatersAs everyone navigates the future of VMware within Broadcom, and the economic impact of their much-publicized price hikes, please lean on Thrive to help re-architect your cloud strategy for greater technology ROI. As one of the largest VMware Cloud Providers in the world, with more than a dozen Global Cloud nodes in Tier IV datacenters, Thrive has the technical expertise and available resources to design complex project plans to migrate large workloads.
We have been formally selected as a Premier Level Broadcom Advantage Partner. As a Premier Partner, Thrive will continue to offer secure VMware-powered Cloud Solutions that span from Dedicated Private Cloud to fully managed Multi-Tenant Cloud to self-managed Infrastructure-as-a-Service (IaaS). Thrive’s Cloud offerings provide attractive alternatives to companies who are running on-premises or datacenter workloads, and who have been impacted by the Broadcom licensing changes.
Major Considerations for Migrating to ThriveCloud:
- Security, predictability, and resiliency
- Increased productivity while receiving concierge-type managed support
- Lower, predictable costs, leveraging Thrive’s subject matter experts
- IaaS self-managed Options
Secure
On-prem servers are more difficult to protect and are often the “low-hanging fruit” for cyber-attacks with recent stats suggesting a 20% higher target rate. Thrive’s Cloud Services are protected by our 24x7x365 eyes on glass Global SOC with standard Virtual Firewalls, IDS/IPS, EDR, SIEM, Zero-Trust, Vulnerability Protection & other cybersecurity options.
Resilient
Fully Redundant Tier IV Datacenters, VMware Architecture with DR & Replication options around the Globe. Download our Client Resiliency Checklist to learn more.
Scalability & Flexibility
Thrive recognizes that a single Cloud option may not be sufficient to meet your clients’ needs. Instead, we embrace the idea of a multi-cloud environment, leveraging Private, Public, and Software-as-a-Service (SaaS) cloud platforms to offer high performance, scalable, and reliable options to meet every business’ mission critical needs on demand.
For organizations looking to implement new application hosting strategies quickly, Thrive is ready to engage as your trusted virtualization partner of choice. Our expert team will work with you to design the solution that best fits your needs and budget.
Please select “ThriveCloud 24” in the requested services dropdown to learn about our zero upfront cost migrations. Reach out today
Organizations are Striving to Maximize Cyber ResilienceFrom the daunting task of navigating stringent security regulations and ever-evolving compliance requirements to the constant, looming threat of cyberattacks, organizations often feel like they’re in a constant battle. The need for strategic expertise and guidance in such a challenging climate is undeniable. Yet, hiring a full-time Chief Information Security Officer (CISO) is a daunting prospect for many organizations, often due to resource limitations.
Overcoming the IT skills gap and maintaining a secure businessTechnology continues evolving and advancing at a rapid speed, ringing in unparalleled opportunities, but also creating new vulnerabilities. With this comes the demand for a workforce equipped with up-to-date skills to counter emerging threats. However, the pace of skill acquisition often lags the evolving threat landscape – opening organizations to increased risks.
Unexpected Cyber Threats Put Housing Associations and Tenants at RiskHousing associations across the UK increasingly find themselves in the crosshairs of highly skilled cybercriminals. According to RSM UK, a whopping quarter of housing associations have suffered an attack in the last 12 months. This tidal wave of high-profile attacks has exposed – how vulnerable these organisations can be to data breaches, ransomware, and system disruptions. With many housing providers handling sensitive data on tens of thousands of UK tenants, the stakes could not be higher.
Not just compromised data
Clarion Housing Association – the country’s largest with over 125,000 homes – was struck by a major cyber-attack that crippled both its IT systems and phone lines. While the full extent of the breach remains unknown, Clarion warned tenants that their data may have been compromised. The incident follows similar attacks in recent years on housing providers like Bromford and Connexus (the latter needs to be clarified about the amount of tenant data stolen) and local councils that manage public housing.
The effects of these cyber incidents are severe and widespread. For tenants, they put their private information – such as financial records and contact details – at risk of being exposed or held for ransom by criminals. Housing services can halt, making reporting maintenance issues or making rent payments impossible. At best, this poses a significant inconvenience for tenants, landlords and organisations alike. Or, at worst, a threat to housing security for some of the UK’s most vulnerable people in society, such as the elderly, disabled and low-income population.
Not hours… but days or even weeks for recovery
Successful breaches lead to costly downtimes, lengthy reparation procedures, potential ransom payments, penalties from bodies such as the ICO for failure to protect citizens’ data, and highly long-lasting reputational damage. For example, the Bromford attack took days to recover, while a council in South West England is still working to fully restore its systems two years later, having shelled out hundreds of thousands of pounds. Many entities cannot afford these major financial blows and operational disruptions, especially during the current cost of living crisis.
So, why are housing associations such an attractive target for cybercriminals? And what can be done to better shield the sector against escalating threats?
The vulnerabilities of businesses holding sensitive data
A key factor making housing associations a lucrative target is their heavy digital footprint and the sheer volume of sensitive data they hold online. As organisations embrace the digital world to provide modern online services and store data effortlessly, they exponentially increase the potential attack vectors that cybercriminals can exploit. More smart home and office technology, online customer portals, and web-connected devices mean more endpoints to be secured. Moreover, criminals also perceive housing associations as having weaker cyber defences than other sectors. Budgetary constraints often prevent robust investments in cyber security measures and IT teams. The survey from RSM UK found a shocking 75% of housing associations felt underprepared to deal with ransomware attacks.
The data itself is also precious on the dark web. Housing records contain a treasure trove of personal information on tenants, including contact details, financial data, and home addresses, that can be used for follow-on phishing, fraud, and even physical home break-ins. Analysts estimate cybercrime costs the British economy £27 billion annually, providing ample incentive for criminals to target housing associations.
Deliver the reassurance that tenants crave
While facing this escalating risk, housing associations must take proactive steps to prioritise cyber security and safeguard their systems, data, operations and customers. This goes beyond achieving minimum compliance standards to adopt a comprehensive, vigilant security stance.
Crucial capabilities include steadfast threat monitoring and vulnerability scanning to identify and patch security gaps before cybercriminals can exploit them. 24/7 security operations centre (SOC) services can provide cost-effective, round-the-clock monitoring that most housing associations lack in-house and the reassurance tenants crave. Penetration testing is also vital, potentially using certified ethical hackers to probe for vulnerabilities from an attacker’s perspective. Combining this offensive approach with defensive meticulous cyber hygiene like software updates, multi-factor authentication, and data encryption makes it infinitely more complex for real-world criminals to carry out a breach successfully.
Regular security awareness training must also be provided to educate employees on evolving threat vectors like phishing, which remains the most common initial attack vector: human error and a lack of cyber awareness among staff open doors for cybercriminals to explore.
Another major weakness is third-party vendors and supply chains, which criminals often use as indirect attack routes to targets. Housing associations must implement strict vetting processes and security requirements for all suppliers and partners.
Predefined and practised working protocols
Housing associations must have comprehensive incident response and disaster recovery plans ahead of time. When attacks inevitably occur, having predefined protocols regarding containment, recovery, and communication is critical to minimising damages and restoring operations as quickly as possible. Too many housing associations have learned the hard way through devastating cyberattacks in recent years. However, by treating cybersecurity as an essential business imperative rather than an afterthought, these organisations can avoid escalating threats and better secure their systems, data, staff, and tenants. With dwindling budgets available during the current cost crunch, providers need partners that deeply understand their challenges and can strategically align services to their priorities.
No organisation is immune to cyber threats in today’s hyper-connected world. But, through concrete investments and strategic partnerships, housing associations can dramatically improve their cyber resilience and focus on their core missions of providing safe, reliable homes and services to all who need them.
At Thrive, we specialise in delivering tailored cybersecurity solutions designed for housing associations’ unique challenges.
The need for action is clear.
Don’t allow your housing association to become another cybercrime statistic. Contact Thrive today so we can work alongside you to comprehensively safeguard your systems, data, team, and tenant community with cutting-edge cybersecurity services. Using our CIS-aligned frameworks we allow you to provide your services with inbuilt peace of mind.