Why small businesses need to work on their cyber security now (and how to get started)

Cybercriminals have already stopped putting all their work into the big guys. Small businesses are now the ideal target. why is this? Because they are often just a little less well prepared. No extensive IT department. No 24/7 security monitoring. And often in possession of just enough technology to be vulnerable, but not enough to shield that vulnerability.

Sound familiar? Then this checklist is definitely for you too.

We provide 10 practical tips to help you boost your cyber resilience today. They are practical, proven and specially tailored to the challenges faced by smaller organizations. Good cyber security is not a luxury — it’s a necessity. It’s a prerequisite for doing business safely.

1. First, take a critical look at your current security

A good defence starts with an overview. Do you know where your sensitive data is stored? Who has access to it? What would happen if a laptop went missing or someone walked into the office without ID?

These kinds of fundamental questions form the basis for a secure digital infrastructure.

2. Passwords should not be a weak link

Poor passwords are digital open doors. Make sure your employees use strong, unique passwords. Set up multi-factor authentication (MFA) and update passwords regularly. You may also wish to consider additional security measures such as biometrics, badges, or tokens. The more layers of security, the better.

3. Follow your data like a shadow

Data is the beating heart of your business. From customer information to quotations. Map out where your data lives (locally, in the cloud, on mobile devices) and protect it with modern endpoint security. Smart tools recognize threats in real time and intervene automatically.

4. Encrypt everything of value

Ensure that all your data (including data in transit and stored data) is encrypted. This will keep it unreadable, even if it falls into the wrong hands.

5. Don’t assume that the cloud will take care of everything

Although the cloud is convenient, it is not inherently secure. You are still responsible for what happens in your cloud environment. So make sure you secure your accounts, APIs and containers. In short: secure everything.

6. Working from home? Set up a VPN

Working remotely is the new normal. But you don’t want your data travelling with you over unsecured networks in cafés or trains. A VPN encrypts traffic and makes remote access a lot more secure.

10. Train your people and repeat this regularly.

Technology helps, but people make the difference. Make sure your team knows what phishing looks like, why they should lock their screen and what ‘zero trust‘ means in practice. Repeat. Repeat. Repeat.

Can’t quite figure it out?

We are here to help. Cybersecurity doesn’t have to be complicated — as long as you know where to start. If you want to go beyond this checklist, OpenSight can help. We offer everything from risk scans and training sessions to advanced cloud security and real-time monitoring, helping you to grow without worry.

Schedule a no-obligation consultation with our specialists for more information.

People, process and technology, in that order

Dutch IT Channel is a leading Dutch platform for IT professionals, decision-makers and suppliers. With their in-depth interviews, market analyses and up-to-date news coverage, they have been a reliable source for developments within the IT sector for many years. Their journalistic quality and independent perspective make Dutch IT Channel a respected authority within the Dutch IT landscape.

Marcel Krommenhoek, founder of OpenSight, said: “I believe that cybersecurity cannot be solved with technology alone. It is just as much a human activity. At OpenSight, we therefore focus on combining people, processes and technology. In that order.”

First, make sure that everyone is aware of cyber security risks. Then, you need to set up proper processes. This will give management control back in the long term. To support this, we provide the appropriate technology to enable you to respond quickly and recover faster after an attack. We also offer an additional automated technology layer that administers the entire framework. ‘

In the interview, we elaborate on our vision and the importance of good cyber security. Read the full interview on the Dutch IT Channel website: https://www.dutchitchannel.nl/interview/666787/opensight-mensen-processen-en-technologie-in-die-volgorde

Summer is just around the corner. For many people, this is a time to get away, recharge their batteries and enjoy some peace and quiet. But cybercriminals? They don’t take holidays. While employees log off, these guys remain active. And that makes the summer period a vulnerable time for many organizations.

Cyber threats don’t take time off

Although the image of a hacker in sunglasses on a beach chair might be amusing, the reality is less light-hearted. Companies operating with reduced staffing levels are particularly vulnerable to cyberattacks. Cybercriminals are quick to exploit these gaps with targeted attacks, summer phishing campaigns, and the misuse of unprotected devices.

Why the summer is particularly risky

• Reduced vigilance With employees on holiday and IT teams understaffed, monitoring is on the back burner. This can result in suspicious signals or reports being overlooked.
• More travel = more risks Working from a holiday location or on the road often means using public Wi-Fi, unfamiliar devices and less secure connections.
• Seasonal scams Cybercriminals capitalise on current events. Think phishing emails about holiday bookings, package deals or fake travel information.

At Opensight, we continue to build digital resilience. Not only for our clients, but also within our own team and offerings. The past few months have been all about growth, on multiple fronts.

Welcome Dominic Boernama

We are proud to welcome a new team member: Dominic Boernama. He strengthens Opensight on the technical side of our organization. With his experience and expertise in IT and security, he brings valuable knowledge that directly benefits our services.

Dominic fits our mission perfectly: to pro-actively help organizations with smart and scalable security solutions. We welcome his arrival and look forward to his contribution to our future projects.

Cyber threat grows. Are you prepared?

The digital world is changing at lightning speed and with it the landscape of cyber threats. From ransomware to sophisticated phishing and zero-day attacks, the risks to organisations are increasing by the day. Small and medium-sized enterprises (SMEs) in particular are an attractive target for cybercriminals, as there is often less investment in modern security.

IT managers and CISOs face an obvious challenge: how do you build a resilient IT environment that not only detects attacks, but also recovers from them quickly? The answer lies in smart integrations, like the one between Commvault and CrowdStrike. That is something OpenSight is happy to help you with.

What makes this cybersecurity integration unique?

The combination of Commvault Cloud and CrowdStrike Falcon® provides organizations with a powerful, integrated solution for cyber detection, incident response and data loss recovery. This collaboration is not just a technical link, but a strategic defense tool that directly contributes to your cyber resilience.

1. Early detection of threats

CrowdStrike’s real-time threat intelligence recognises even the most sophisticated attacks early. Think fileless malware or lateral movements of an attacker within your network. You often don’t see these with traditional antivirus or EDR tools.

2. Insight into contaminated and clean data

Commvault uses this threat intelligence to quickly identify which systems and data have been compromised, and which are still ‘clean’. This way, you know immediately what can be safely restored, without reactivating ransomware during a restore.

3. Fast, controlled recovery processes

Cleanroom Recovery lets you test cyber recovery plans safely in a simulated environment. This ensures that your organization is truly prepared for an attack.

Why choose OpenSight?

As a certified partner of both Commvault and CrowdStrike, OpenSight offers unique additional value:

• Expertise in implementation of both platforms and their integration.
• Customized guidance, from strategic advice to technical implementation.
• Proactive monitoring and optimization of your cyber resilience environment.
• Short lines and clear communication, we are your brainstorming partner.

We work with SMEs, healthcare institutions, educational organizations and companies in industry on a daily basis. We understand your challenges and deliver solutions that fit your budget and ambitions.

Cyber resilience starts with the right choices

Do you want to not only survive a cyber attack, but emerge stronger? Then integrating Commvault and CrowdStrike is the smart choice. And OpenSight is the right partner to make that choice a reality.

Don’t let your organization be caught by surprise. Take the step today towards a robust, future-proof cybersecurity strategy.

Schedule a free strategy session with our experts and find out how your organization will become truly resilient to cyber threats in 2025.

Would you like more and in-depth information on this Commvault and Crowdstrike integration? Then download the Solutions Letter at the bottom of this page.

Last week, two of our key vendors further strengthened their collaboration. We from OpenSight are pleased to see the integration and consolidation continue within our commited vendors.

Commvault en Crowdstrike

Commvault, a leading player in data protection and cyber resilience for hybrid cloud environments, has announced a strategic partnership with CrowdStrike to integrate their advanced cyber security platform, Falcon. This collaboration is aimed at improving cyber threat detection and ensuring rapid recovery, thereby providing businesses with better protection against modern cyber attacks.

By using CrowdStrike’s comprehensive threat intelligence and security data, combined with Commvault’s cloud-first capabilities, this integration provides joint customers with an additional layer of security. This is achieved through real-time threat insights, faster detection and remediation processes.

Strengthening the Cybersecurity Ecosystem

This partnership with CrowdStrike reflects Commvault’s ongoing commitment of expanding its cyber security ecosystem. The company is actively working with leading security providers to develop comprehensive solutions to detect, mitigate and recover from cyber attacks. By integrating their respective strengths, Commvault and CrowdStrike aim to provide companies with a solid defence against cyber threats, enabling them to recover quickly and mitigate damage.

If you want to know more about this integration, feel free to contact us.

Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, announced today that the Commvault Cloud Platform can be easily deployed from large cloud marketplaces using CIS hardened images. These CIS-hardened images are pre-configured with CIS-recommended settings and controls and are available on the following marketplaces: Amazon Web Services (AWS), Microsoft Azure, Google Cloud and VMware.

CIS-hardened images

CIS-hardened installation copies are software files pre-configured to meet Centre for Internet Security (CIS) benchmarks. Hardening helps reduce vulnerabilities in configurations, such as overly permissive network policies that can create opportunities for malicious actors. In fact, configuration errors are one of the most common causes of vulnerabilities in the cloud, contributing to 23% of attacks on cloud infrastructure, according to industry research. Commvault’s CIS-hardened images are designed to mitigate these risks by pre-configuring the deployment to meet strict security benchmarks out-of-the-box, giving confidence to IT and security teams.

With today’s announcement, Commvault continues its focus on cyber security, adding these deployment options to other security certifications such as FedRAMP® High Authorised, ISO27001:2013, SOC 2, Type II and FIPS 140-2. Customers can use the new CIS-hardened images to quickly and confidently configure and implement Commvault Cloud and benefit from:

Strengthening the Cybersecurity Ecosystem

This announcement coincides with a growing trend of organizations transitioning to the cloud. According to IDC, spending on public cloud services is expected to double to $1.6 trillion by 2028. Over the past year, Commvault has introduced a number of cloud-first offerings to help customers become more resilient in the cloud, including Cleanroom Recovery, Cloud Rewind and Clumio Backtrack. Now the company is taking cloud resiliency to the next level with CIS hardened images for popular cloud marketplaces.

Why is this important?

1. Reduction of vulnerabilities: CIS-hardened installation copies are pre-configured to meet CIS benchmarks, which helps reduce configuration vulnerabilities. This is crucial, as configuration errors are one of the most common causes of cloud vulnerabilities, contributing to 23% of attacks on cloud infrastructure.
2. Enhanced cyber security: CIS-hardened images minimize vulnerabilities by addressing common misconfiguration risks and provide peace of mind against attacker misuse.
3. Ready-made compliance controls: CIS hardened images provide organizations with secure, hardened environments from the moment of implementation and give customers confidence that their control plane has been installed and configured using industry-recognised best practices.
4. Streamlined compliance assignment: CIS benchmarks are assigned to key security frameworks such as NIST CSF, HIPAA, PCI-DSS and ISO 27001, simplifying compliance with complex regulatory requirements.
5. Wide availability of marketplaces: Organisations can implement Commvault Cloud directly from AWS, Azure, Google Cloud or VMware marketplaces, enabling fast and secure installations with minimal effort.

If you want to know more about how we can harden your Cyber Resilency environment based on the CIS standards, feel free to contact us.

Our technology partner Crowdstrike annually publishes the Global Threat Report, which provides insight into key cybersecurity trends and developments. The 2025 report also provides essential insights and clear recommendations for an effective cybersecurity strategy.

This year, some notable trends have been identified:

Breakout time at historic low: The average time it takes attackers to move laterally within a network has decreased to a mere 48 minutes. In fact, the fastest breakout recorded was just 51 seconds.

Voice phishing is skyrocketing: Cybercriminals are increasingly using telephone contact to trick victims with convincing social engineering techniques. Between the first and second half of 2024, this form of cybercrime grew by a whopping 442%.

Growth of initial access as a service: Attacks aimed at gaining initial access have increased significantly. This now accounts for 52% of the vulnerabilities Crowdstrike observed last year. Cybercriminals are increasingly offering initial access ‘as a service’, with an annual increase in ads of around 50%.

Increase in China-nexus cyber activity: Cyber attacks from China-related threat actors increased by 150% on average. Specific industries faced 200% to 300% more attacks.

Deployment of generative AI in cyber attacks: Generative AI technologies were actively deployed for advanced attacks and disinformation campaigns by China-, Russia- and Iran-linked threat actors, among others. For example, highly convincing fake job applicants were created to penetrate organizations.