With cyber threats multiplying businesses need to become more agile and responsive to protect their systems from attack.
The pandemic has been tough for everyone – unless that is you happen to be a cybercriminal. For them it was Christmas come early as businesses rushed to adopt digital technology and adapt to remote learning. All of a sudden it became a target rich environment. Endpoints multiplied with staff logging in from all sorts of locations. Data became increasingly mobile, being transferred between various locations and IT managers found themselves confronted with increasingly fractured and hard to control networks.
Moreover, digital adoption was pushed into overdrive. While this brought benefits, it also pushed many businesses to embrace digital technology without adequately taking account of the risks. Keeping these networks safe, at a time when the way we work is changing rapidly, has become increasingly difficult.
The result of this is that threats increased exponentially. 2020 would prove to be the busiest year on record for cyber threats against UK firms. Hacking attempts surged by 20% compared to 2019 and all the signs suggest 2021 will be even busier.
There are plenty of things any businesses should be doing as a matter of course including:
- Encryption: All sensitive data should be encrypted, and no passwords or login details should ever be sent in un-encrypted formats. Any Wi-Fi should be fully encrypted such as with WPA2 and the password should be regularly changed.
- Security: Teams should be encouraged to choose strong passwords, to change them regularly and make sure they have different passwords for various accounts. Zero trust multi factor authentication is also useful to ensure all access requests are fully verified. Networks should always have a firewall and you should check that the router has the latest firmware installed.
- Software updates: Cyber threats are constantly evolving and so must defences. Software providers are constantly developing patches to counter each threat as it becomes known. These are installed via updates and ensure the system benefits from the most up to date security. Software defences identify threats by comparing them against known lists. If it has not been updated, it will be missing the latest additions and will be left vulnerable to attack.
- VPNS: If accessing networks from public Wi-Fi, all users should use virtual private networks. This keeps any data safe from prying eyes.
- Backing up: All key systems should be regularly backed up and stored in different locations. This means that if a breach does occur, a business will be much better placed to respond and mitigate the impact of a breach.
These all cover the basics of what any business should be doing. However, in the current landscape the threats are multiplying, evolving and becoming increasingly complex. For example, earlier in the year, hackers affiliated to the Russian ‘Darkside’ hacking group took the Colonial pipeline offline, threatening oil supplies to the East Coast. The company eventually paid the hackers 75 bitcoin (about $4.4 million) to get systems back online. The Digital Extortion Taskforce was later able to recover 64 of those by tracing the hackers’ digital wallets.
The impact of the Colonial Pipeline was dramatic, but the way it compromised defences couldn’t have been simpler. Just a single leaked password gave hackers everything they needed to get in. Indeed, one thing many of the most high-profile attacks of the past few years have in common is that the business involved could and should have done much more to prevent the breach.
All too often, businesses take a passive reactive approach to cyber security, only taking action when an attack has already happened. More than half of businesses admit they are not adequately prepared for cyber-attacks, according to a survey from FireEye. Instead, they should take a more proactive approach, working to understand the evolving landscape, how their network is exposed and where threats are more likely to come from.
This becomes increasingly challenging in a world in which the number of endpoints connecting into systems is growing. The rise of remote work, the internet of things (IoT) and initiatives such as ‘bring your device to work’ (BYOD) have seen an exponential rise in the number of devices logging into systems. Unsecured personal devices are routinely accessing systems and managing highly sensitive data.
This represents an enormous security vulnerability as hackers often target the smallest and seemingly most insignificant devices as it is these which can often provide the easiest route in. Remember, all they need to breach even the tightest firewall can often be a single password.
How to safeguard systems
The challenge for those tasked with cyber defence has, therefore, become much more complicated in the past year. To use a sporting analogy, it’s a bit like defenders in a football game, suddenly finding that the opposition have been given six additional attackers and the pitch has been doubled in width. Defending every avenue will feel impossible.
What they can do is to understand the ecosystem. Not all attack vectors are equal. Some devices and assets will present a greater risk than others. To account for these threats, organisations will need to tailor cyber security approaches to protect their most vulnerable ecosystems and ensure their most critical threats have been mitigated. That way, you can tailor your cybersecurity strategy to suit your business environment.
Modelling and wargames can also help you understand how your business will perform in a real-life scenario. Often, businesses only identify vulnerabilities after they have already been breached. This provides a safer dry run in which businesses can stress test their defences and redundancy measures to see how they might perform and where they might be vulnerable.
The human factor
Last but by no means least, businesses will need to consider the human factor. All the sophisticated firewalls, antiviruses and encryption in the world can be rendered useless by someone in the organisation clicking on an infected link. In a world typified by technology it is often surprising to find that, as data from IBM suggests, 95% of breaches occur due to human error.
Plugging this gap could be the single biggest thing any business can do to improve the safety of their systems. They can implement full training for all staff, ensuring everyone understands the threats, policies and responsibilities. They can foster communication between departments, and design imaginative and creative training which engages people and helps them take ownership of security at all levels.
The aim behind all the measures discussed here is to embed cyber resilience into the fabric of an organisation. By doing so, organisations can create a positive cyber culture in which systems and employees are as well prepared as possible for the threats they may face.
If you’d like to know more or need some further advice or support then you can get in touch with our team via email: email@example.com