With the rise in cyber crime, a defensive cyber security strategy is no longer enough. In an increasingly connected yet remote world, the scope of cyber security can be vast, complex, and difficult to coordinate. Businesses need to build cyber resilience into every part of the business and be confidently equipped to successfully mitigate against cyber attacks as they seek to exploit human nature and nonstandard operating models.
Here are 5 initial considerations when evaluating your organisation’s current cyber defence mechanisms.
1. Accept that the threat continues to rise
Cybercrime has always been around. The big difference between now and decades ago is the rise in complexity. When computers were less sophisticated, the ways in which hackers attempted to break into them were also basic, such as emailing a simple executable malware file. Cyber criminals are now bypassing systems, deleting backups, reformatting disks, and using automation of their own, such as monitors that identify security responses and automatically react. Incursions can take months. Attackers are patient, relentless and highly incentivised. In 2021, ransomware attacks saw an increase of 148% on the previous year and one estimate calculates that the average ransomware pay-out grew more than 80%, reaching over €500,000.
2. Accelerated digital innovation intensifies cyber risk
Frustratingly for businesses, technologies that have become intrinsic to their productivity – such as cloud computing and hybrid working – have become a particular target. The need to rapidly shift to new operating and working models during the pandemic brought previously-unknown cyber security issues for many organisations. It also opened doors for cyber criminals to seek out weaknesses. We saw evidence of two-factor and multi-factor authentication being compromised as attackers tricked victims into revealing their challenge/response answers or clone a mobile phone SIM. Continued advances in security and a growth in cyber security awareness inside organisations are helping secure the cloud and hybrid working models.
3. Toolsets have evolved thanks to automation
As cyber-attacks evolved over the past few years, traditional cyber security tools started to lag behind. If a threat was detected an alarm triggered and humans had to investigate whether a breach was occurring – often this resulted in discovering a breach only when it was too late. Now, automation and orchestration have addressed some of that challenge. Innovations like Security Information and Event Management (SIEM) help to identify incidents more reliably and innovations in firewall technology have kept coming, too, including those powered by cloud-based machine learning, which allows previously unknown threats and suspicious behaviours to be recognised automatically. More recently, security orchestration (SOAR) tools have helped ease the pressure on network security teams, as many of the manual processes associated with threat detection and incident response can be automated.
4. Align to a recognised security framework, even if it takes time
Aligning IT operations to a security framework like ISO27001 is a good medium-term goal for companies to work towards, but may need a step-by-step approach. Trying to enact a lot of new policies at once can be disruptive and employees may not get on board. A good first step for an organisation is to look at the Cyber Essentials standard, which can help build a level of company-wide awareness and competence. The five basic security controls taught by the standard are said to protect against 80% of common attacks.
5. There’s no substitute for a total focus on cyber protection
Companies who’ve made cyber security a secondary responsibility of their IT manager need to think again. Whether it is managed internally or through a partner organisation, whoever is responsible for your cybersecurity must have a deep understanding of current risks and remedies, and have a full time focus on it. Doing cyber security effectively takes a certain mindset and total focus; ideally the person in charge shouldn’t also bear primary responsibility for your day-to-day IT operations.The level of cyber security focus now needed is higher than in past years, both in terms of people skills and in the systems and tools for integrated protection, detection and response.
To find out more about making cyber resilience part of your organisation’s DNA, join us for a roundtable discussion on 30th March at 12 noon. Joe Brady, CIO eir evo and Paul McEvoy, cyber security specialist will be joined by Professor Kevin Curran to discuss topics such as Zero Trust, the future of remote working with endpoint security and the reality of data protection in a cloud environment. Register at https://content.eirevo.co.uk/cyber-security-roundtable-discussion