Building Cyber Resilience: Lineal’s Accreditations & Expertise

Written by

At Lineal, we believe cyber security is built on trust, expertise, and continuous learning.

Our team holds a range of respected accreditations that demonstrate our ability to help organisations stay secure in an increasingly complex threat landscape.

Lineal’s Cyber Security Accreditations

NCSC-Approved Cyber Advisors

We’re proud to have two NCSC-Approved Cyber Advisors, Alex and Joe, on our team.

Recognised by the UK’s National Cyber Security Centre, Cyber Advisors are qualified to provide trusted, and practical guidance to help organisations of all sizes strengthen their cyber resilience.

NCSC Assured Service Provider (Cyber Advisor)

Lineal is recognised as an NCSC Assured Service Provider, an official mark of quality from the National Cyber Security Centre. This accreditation confirms our ability to deliver cyber services to a high professional standard.

Defence Cyber Certification Level 0 Certification Body

The Defence Cyber Certification (DCC) is a new, comprehensive, cyber security certification framework for UK defence suppliers. The DCC certification emphasises the overall security and resilience of the organisation. It provides a single, organisation-level, assurance which can be presented in support of UK Defence Procurements (subject to annual check-in and re-certification every 3 years).

ISO27001 Auditing 

Lineal’s in-house ISO 27001 Lead Auditors provide our clients with structured, best-practice security guidance based on internationally recognised standards. This means alongside technical solutions we help organisations build sustainable, well-managed cyber security practices that reduce risk, support compliance and strengthen long-term resilience. It’s a reassurance to prospects and clients that we follow the same high standards we help others achieve. 

Cyber Essentials Certification Body

As an official Cyber Essentials Certification Body, Lineal is authorised to assess and certify businesses against the UK Government’s Cyber Essentials framework.
This helps organisations adopt proven security controls that defend against the most common online threats.

Our Team’s Cyber Security Expertise

Joe:

  • NCSC Cyber Advisor (Cyber Essentials Implementation)
  • Cyber Essentials Assessor
  • ISO 27001:2022 Lead Auditor
  • IASME Defence Cyber Certificate Assessor
  • Approved Reviewer for the Secure Innovation Security Review Scheme (NPSA / NCSC / DSIT / DBT)
  • Microsoft Identity and Access Administrator Associate
  • Microsoft Azure Security Engineer Associate

Alex:

  • NCSC Cyber Advisor (Cyber Essentials Implementation)
  • ISO 27001:2022 Lead Auditor
  • Microsoft Identity and Access Administrator Associate
  • Microsoft Security Operations Analyst Associate

Billy:

  • Microsoft Identity and Access Administrator Associate

These qualifications cover everything from managing secure identities to monitoring security operations and protecting cloud infrastructures.

Staff Training

At Lineal, we know that educating teams is one of the most effective ways to reduce the risk of a cyber breach, which is why all our staff take part in regular cyber security training.  

Your people are your first line of defence – organisations that invest in regular cyber awareness training reduce their phishing link clicks from around 30% to below 5%.  

Why This Matters

Together, these accreditations highlight Lineal’s dedication to cyber resilience.
They show that we don’t just talk about security – we invest in the skills, expertise, and official certifications that give our customers confidence, peace of mind and trust in our ability to keep them safe.

📩 To find out how our expert team can help protect your organisation, get in touch: [email protected] | 01271 375999.

Want to take part in a FREE Human Cyber Risk Assessment? Enter your details below – our team will be in touch!

Why Training Your Staff to Spot Cyber Threats Is Critical

Written by

Cybersecurity isn’t just about deploying firewalls or antivirus software – it’s about training your staff to recognise and respond to threats before they escalate. Even the most advanced systems can’t prevent a breach if an employee unknowingly clicks a malicious link. That’s why security awareness training is essential for every organisation.

A Real-World Example: How One Click Led to a Cyber Incident

Recently, a UK homelessness charity faced a serious cyber threat. A finance team member clicked on a malicious email link, compromising their account. The attacker then exploited SMS/WhatsApp-based MFA: a tactic that’s becoming increasingly common to attempt access.

Here’s how fast it happened:

  • +4 mins: Our Security Operations Centre (SOC) detected the malicious link click.
  • +5 mins: Incident ticket raised and response initiated.
  • Immediate: Attacker’s sign-in attempt blocked.
  • Containment: Mailbox rules checked and secured.

Despite rapid response, a partner organisation received a malicious email before containment. We even guided that partner (who wasn’t our client) through recovery steps, earning a public thank-you on social media.

What This Teaches Us

This incident highlights three critical truths:

  1. SMS or messaging-based MFA isn’t enough – Switch to app-based MFA for stronger protection.
  2. Speed matters – A 4-minute detection window prevented a much bigger breach.
  3. Education is key – Human error remains the #1 attack vector.

Why Security Awareness Training Works

Training your staff is about building a culture of vigilance – not simply ticking a compliance box for insurance purposes. Effective security awareness programs teach employees to:

  • Recognise phishing attempts before they click.
  • Practice safe online habits, like verifying links and attachments.
  • Stay informed about evolving threats and attack techniques.

When employees understand the risks and know how to respond, they become your strongest defence – not your weakest link.

How We Help You Stay Secure and Resilient

As your trusted MSP partner, we go beyond technology to deliver real, actionable protection. Here’s how we help safeguard your business:

1. Strengthening Your MFA Setup

We audit your current Multi-Factor Authentication (MFA) policies to ensure they’re truly secure. If you’re still using SMS-based MFA, we’ll help you transition to more robust options like app-based authenticators (e.g., Microsoft or Google Authenticator) or hardware tokens for sensitive accounts. We’ll also document and explain the changes so your team understands the value.

2. Delivering Ongoing Security Awareness Training

We provide structured, engaging training sessions for your staff: covering phishing, password hygiene, and safe data handling. Our simulated phishing campaigns help reinforce learning, and we offer targeted follow-up training for anyone who needs extra support. This isn’t a one-time event – our training evolves with the threat landscape.

3. Enhancing Your Email Security

We configure advanced email protections including Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting & Conformance (DMARC) to prevent spoofing and phishing. Our AI-powered filtering tools catch malicious links and attachments before they reach your inbox. We also monitor for suspicious mailbox rule changes that could indicate a breach.

4. Building and Testing Your Incident Response Plan

We ensure you have a clear, documented incident response plan with defined escalation paths and communication protocols. We regularly test these plans through tabletop exercises or live simulations – so when something happens, your team knows exactly what to do. Our goal: detect and contain threats within minutes.

5. Keeping You Informed and Empowered

We share real-world examples to help you understand emerging risks. We position cybersecurity as a business continuity issue – not just an IT concern. You’ll receive clear reports on training progress, MFA adoption, and phishing simulation results, so you always know where you stand.

Ready to Strengthen Your Security?

Our expert cybersecurity team can help you implement:
✔ Security Awareness Training
✔ MFA best practices
✔ Proactive threat monitoring

📧 [email protected]
📞 01271 375999

Don’t wait for a breach to learn these lessons. Start today!

When Cyber Criminals Target the Most Vulnerable

Written by

The recent cyber attack on the Kido nursery chain has sent shockwaves through the cyber security community. Hackers, operating under the name Radiant, claim to have stolen the highly sensitive personal information of around 8,000 children from the organisation’s UK nurseries.

The data reportedly includes names, addresses, photographs, parental contact details, and even safeguarding notes — information that should never fall into the wrong hands.

Worryingly, the attackers have allegedly contacted some parents directly as part of their ransom demands, and have already published samples of the stolen data on the dark web to prove their claims.

“An absolute new low”

Experts have been quick to condemn the attack. Cyber security firm Check Point labelled the incident “an absolute new low,” while the National Cyber Security Centre (NCSC) described it as “deeply distressing.”

Jonathon Ellison of the NCSC commented:

“Cyber criminals will target anyone if they think there is money to be made, and going after those who look after children is a particularly egregious act.”

Parents speaking to the BBC described the experience as frightening, though some praised the nursery chain’s swift response in notifying families.

Why this matters

This incident underlines a harsh truth: no organisation is too small, too local, or too “caring” to be targeted. Criminals follow the data — and in this case, it’s children’s personal information.

Data breaches like this can have far-reaching consequences, not just for the organisation affected but also for the families and individuals caught up in the fallout.

It’s also another reminder of the importance of:

  • Encryption for sensitive data
  • Regular cyber security audits and reviews
  • Employee training on phishing and social engineering tactics
  • Accredited frameworks such as Cyber Essentials to put robust protections in place

How Lineal can help

At Lineal, our Security Team includes IASME-approved Cyber Advisors who work with organisations of all sizes to strengthen cyber resilience. From baseline protection like Cyber Essentials to more advanced solutions, we help ensure your technology — and the people who depend on it — remain safe from digital threats.

Cyber criminals are becoming more ruthless in their choice of targets. Make sure your organisation isn’t left vulnerable.

👉 Find out more about our cyber security services here: https://www.lineal.co.uk/cyber-security

Do you want a FREE Domain Password Breach Check? Get in touch or call our expert team on 01271 375999.

Lineal Becomes Exeter Chiefs’ First Ever Digital Sponsor

Written by

We’re proud to announce that Lineal Software Solutions Ltd has signed a landmark new partnership with Exeter Chiefs, becoming the club’s first-ever Digital Sponsor.

This exciting collaboration reflects our shared commitment to innovation and community, and marks the beginning of a new chapter in the way supporters engage with the club online.

Our team works with organisations across the UK and internationally, delivering trusted IT solutions that help businesses stay secure, connected, and efficient.

As a family-run business with deep roots in the region, we’re delighted to be partnering with the Chiefs – a club that shares our values of excellence, resilience, and strong community connection.

Bringing Technology to the Game

As part of the agreement, Lineal’s brand will feature across Exeter Chiefs’ digital platforms, including:

  • Match-day graphics
  • Email newsletters
  • Social media content
  • Fan engagement initiatives

Supporters will also see our presence at Sandy Park on match-days, as we help bring the club’s digital experience to life both online and in-stadium.

Looking Ahead

Lineal Director, Matt Norris, said:

“We’re incredibly excited and proud to become the first-ever Digital Sponsor of Exeter Chiefs. As a well-established South West business, it’s a real honour to support the club’s digital evolution and help enhance the experience for supporters in new and innovative ways.”

We look forward to working closely with Exeter Chiefs to expand their digital presence, strengthen fan engagement, and celebrate the passion of rugby in the South West.

Founded in Barnstaple over 35 years ago, Lineal has grown to become one of the South West’s leading IT providers — specialising in:

Managed IT Support

Keep your business running smoothly with proactive IT support. From day-to-day troubleshooting to long-term strategy, our team ensures your systems stay reliable, secure, and optimised for performance.

Cyber Security

Protect your data, systems, and operations with robust cyber security solutions. We safeguard your business against evolving threats so you can work with confidence and peace of mind.

Phones & Networking

Stay connected with modern business phone systems and high-speed broadband. From VoIP to enterprise networking, we design solutions that keep your team and customers communicating without interruption.

Microsoft 365

Unlock Microsoft’s full suite of productivity tools — from Teams and SharePoint to Word, Excel, and Outlook. We’ll help you deploy, manage, and get the most out of Microsoft 365 for smarter, more collaborative working.

ERP Software

Gain full visibility and control over your organisation with our powerful ERP solution. From finance and operations to stock control and customer management, streamline processes and make data-driven decisions with ease.

Ready to elevate your IT? Whether you’re improving security, efficiency, or modernising systems, Lineal’s expert team is here to help.

Contact us today to discover how we can support your goals and drive your business forward.

One Weak Password Took Down a 158‑Year‑Old Logistics Company

Written by

A startling cyber security breach has shut down KNP Logistics Group, trading under the historic Knights of Old brand – a firm with 158 years of heritage. The company, based in Northamptonshire, collapsed after cyber‑attackers from the Akira ransomware gang infiltrated its systems by guessing a single weak employee password.

What Happened?

  • KNP operated a fleet of roughly 500 lorries, supporting over 700 employees across multiple sites.
  • Attackers penetrated KNP’s IT infrastructure using a weak password, encrypted all critical systems and data, and locked staff out of essential business operations.
  • A ransom note claimed: “If you’re reading this … your company’s infrastructure is fully or partially dead”, demanding up to £5 million, a sum beyond KNP’s means.
  • Despite holding cyber-attack insurance and supposedly complying with industry IT standards, KNP was unfortunately not able to recover. All backups, endpoints, and the disaster recovery environment were compromised, rendering recovery impossible.
  • Within months, the company entered administration; the majority of the workforce was made redundant. Only a small portion of the business was salvaged via asset sale.

KNP’s Director, Paul Abbott, revealed he has not informed the employee whose password was compromised – a sensitive issue he posed to staff members: “Would you want to know if it was you?”.

Why This Matters to Lineal Clients

  • A single weak password caused catastrophic failure – even companies with long-standing reputations and cyber insurance are vulnerable.
  • Basic cybersecurity hygiene matters: password strength, multi-factor authentication (MFA), segregated credentials, regular training, and tested offline backups are essential.
  • Insurance is no safeguard without strong internal controls: KNP had insurance, but its inability to respond to a full-system compromise rendered it ineffective. Furthermore, insurance companies are becoming increasingly less likely to pay out for cybercrimes.

How We Can Help

  • Lineal provides a range of comprehensive cyber security packages to keep your business safe at all times.
  • We offer cyber security advice, guidance and support, as well as managed data backup plans to ensure your business data is secure.
  • Our team of Cyber Security Experts is always on hand to answer any of your queries, questions or concerns.

Broader UK Cyber Risk Landscape

This is not an isolated incident. Other high-profile UK businesses, such as M&SCo-op, and Harrods, have recently suffered cyber incidents, with Co-op confirming a compromise of 6.5 million member records.

The UK’s National Crime Agency (NCA) reports a doubling in serious ransomware cases to around 35-40 per week, with 2025 on track to be the worst year yet for such attacks.
Similarly, the National Cyber Security Centre (NCSC) is calling for urgent reforms, including mandatory cyber audits, stronger defences, and smarter incident reporting protocols.

Key Lessons for Businesses

Threat FactorMitigation Strategy
Weak or reused passwordsEnforce unique passwords & passphrases, passwordless authentication,
password managers
Lack of multifactor authentication (MFA)Implement MFA across all systems
Insufficient backup strategyMaintain air‑gapped, regularly tested backups
Insurance gapsMatch policy limits to risk, ensure insurer audit requirements are satisfied
Human errorConduct regular staff training and phishing simulations

Protecting Your Business with Lineal

At Lineal, we help SMEs build resilient cyber‑posture through layered defence strategies. From assessing password security and deploying MFA to designing robust off-site backup plans and aligning insurance with real-world exposure, Lineal offers:

  • Guided Cyber Essentials Certification
  • Comprehensive IT & Cyber Security Solutions
  • Employee-Focused Cybersecurity Training
  • Phishing Attack Simulation & Penetration Testing

Let us help you avoid a legacy-ending breach, because even just one cyber security weakness can undo 158 years of success.

Do you want a FREE Domain Password Breach Check? Get in touch!

Cyber Attacks on UK Retail Giants: A Wake-Up Call for Every Business

Written by

In a wave of high-profile cyberattacks shaking the UK retail sector, major leading retailers including Marks & Spencer (M&S), the Co-operative Group (Co-op), and Harrods have suffered serious breaches — exposing weaknesses in cyber security that extend far beyond the high street.

One of the most notable cases involves hackers from the Scattered Spider group, a sophisticated cybercriminal network known for targeting large enterprises using social engineering tactics. This time, the damage was closer to home — and deeply revealing.

How the Attacks Happened

What sets these attacks apart isn’t the complexity of the malware used — but how human psychology was exploited.

The attackers impersonated staff members and tricked IT help desk teams into resetting credentials and granting internal access. There was no need to “hack in” — the attackers were let in through a convincing ruse.

“They didn’t break the locks. They simply asked for the keys — and got them.”

This simple but effective tactic highlights a dangerous truth: even the most well-defended infrastructure is vulnerable if your people can be manipulated.

The Fallout: Real-World Consequences

The cost of these attacks was severe and immediate:

Marks & Spencer (M&S): The breach disrupted click-and-collect and contactless payment services and suspended online orders. A reported £650 million was wiped off the company’s market value, with analysts estimating financial damage around £30 million — and weekly losses continuing at approximately £15 million.

The Co-op: Up to 200 stores experienced contactless payment outages, while personal data of members was compromised — including names and contact details!

Harrods: Confirmed an attempted breach and was forced to shut down parts of its systems to contain the threat.

While M&S drew the most media attention, it’s important to understand that attacks like these happen every day — they’re just not always in the headlines.

What Went Wrong Nationally?

1. Underestimation of Social Engineering Threats

The attackers, identified as part of the Scattered Spider group, employed sophisticated social engineering tactics. By impersonating employees and manipulating IT help desk staff, they gained unauthorised access to internal systems without deploying traditional malware. This highlights a national underestimation of human-centric attack vectors and the need for robust verification protocols.

2. Inadequate Multi-Factor Authentication (MFA) Protocols

Despite the implementation of MFA in many organisations, the attackers exploited weaknesses through MFA fatigue attacks—bombarding users with authentication requests until one is approved. This indicates a lack of advanced MFA configurations and monitoring to detect and prevent such abuse.

3. Delayed Detection and Response

The breaches were not immediately identified, allowing attackers to navigate systems, exfiltrate data, and cause operational disruptions over extended periods. This delay suggests deficiencies in real-time monitoring, threat detection, and incident response capabilities at both organisational and national levels.

5. Lack of Unified National Strategy

The attacks reveal a broader issue: the absence of a cohesive national strategy to protect critical retail infrastructure. While individual organisations may have cyber security measures, the lack of standardised protocols and information sharing across the sector leaves gaps that attackers can exploit.

6 Key Lessons Every Organisation Should Take Away

These events are a clear warning to all industries — not just retail. Whether you’re running a high street chain or a digital-first operation, the same fundamental vulnerabilities apply.

1. Social engineering is now the front line
Hackers don’t always need to breach firewalls or guess passwords. If your staff can be deceived, your business is already exposed. It’s widely reported that social engineering accounts for up to 90% of cyber-attacks.

2. Multi-Factor Authentication (MFA) is a must
MFA should be enabled across all systems — not just critical ones. It’s a vital extra layer of defence.

3. Helpdesk protocols need tightening
All password resets and identity verifications should follow strict, auditable procedures. The rise of AI makes deepfake and spoofing attempts harder to spot — don’t take people at face value.

4. Monitor for suspicious activity
Set alerts for logins from unexpected IP addresses, geographic locations, or devices. Identity and access management (IAM) tools can help flag anomalies before they become breaches.

5. Audit access privileges regularly
Review and reduce admin-level accounts. Ask: does this user really need that level of access?

6. Cybersecurity is everyone’s job
Train all staff to spot phishing, impersonation, and other common threats. The more eyes on the problem, the safer your organisation becomes.

🛡️ How Lineal Can Help Protect Your Business

At Lineal, we help organisations stay ahead of evolving threats and close the human, procedural and technical gaps that attackers exploit:

Cyber Security Awareness Training
Regular staff training and simulated phishing tests to improve real-world readiness.

Secure Helpdesk & MFA Protocols
We help you implement robust systems that reduce the risk of human error — including MFA setup and secure identity verification.

24/7 Threat Monitoring
Our team actively monitors your systems for suspicious behaviour, helping catch threats before they escalate.

Disaster Recovery & Incident Response
If the worst happens, we’ll help you recover quickly and minimise downtime.

Achieve Cyber Essentials Certification

Feel confident knowing your cyber security measures are backed by a government-approved scheme.

Contact Us Today For Your FREE Cyber Security Consultation

📞 01271 375999
📩 [email protected]

Did you know these Cyber Essentials stats?

Written by

In an era where cyber threats are more sophisticated and frequent than ever, safeguarding your business’s digital infrastructure is no longer optional – it’s essential. According to the Cyber Essentials impact evaluation on gov.uk, a staggering 89% of organisations recommend Cyber Essentials certification as a vital step towards protecting against common cyber threats.

From working with businesses across various industries, we know first-hand the impact having Cyber Essentials can have on businesses, not just from a security standpoint but commercially, too.

The Value of Cyber Essentials

Cyber Essentials is a government-backed certification designed to help businesses defend against the most common cyberattacks. It provides a clear framework for security best practices, making it easier for organisations to bolster their defences and build customer confidence.

Why do so many organisations recommend it?

  • Boost Client Trust: Demonstrate your commitment to cybersecurity and show clients you take data protection seriously.
  • Mitigate Cyber Risks: Reduce the likelihood of successful attacks with proactive security measures.
  • Meet Industry Requirements: With the upcoming LEXCEL requirement for law firms, Cyber Essentials is becoming a mandatory step for compliance and safeguarding sensitive client data.
  • Proven Risk Reduction
  • Organisations with Cyber Essentials controls in place experience 92% fewer insurance claims, demonstrating the real-world impact of proactive cybersecurity measures. This dramatic reduction in incidents not only helps protect your organisation from financial losses but also minimises potential downtime and reputational damage.

85% of Organisations Feel More Cyber-Savvy

The benefits go beyond just compliance. The same impact evaluation revealed that 85% of businesses reported an improved understanding of cyber risks after completing Cyber Essentials certification. This heightened awareness empowers teams to recognise vulnerabilities and take swift action, strengthening an organisation’s overall security posture.

Key benefits of increased cyber awareness include:

  • Stronger Security Awareness: Employees become more vigilant and proactive in identifying potential threats.
  • Reduced Risk of Cyber Attacks: By implementing the recommended controls, businesses significantly lower their chances of falling victim to common attacks.
  • Greater Confidence Handling Sensitive Data: Knowing that your organisation follows best practices gives both staff and clients peace of mind.

How Lineal Can Help

At Lineal, we specialise in guiding businesses through the Cyber Essentials certification process. Our team of experts ensures you understand the requirements, implement the necessary measures, and achieve certification with ease. Whether you’re aiming to meet new industry standards or simply want to enhance your cybersecurity resilience, we’re here to help every step of the way.

🔐 Protect your business. Strengthen your defences. Achieve Cyber Essentials.

📞 Contact us today to get started!