The recent wave of ransomware attacks and preceding waves of cyber breaches could make it appear as though cyber criminals want their pay-off immediately.
However, cyber criminals often exploit security breaches over the course of months and even years, in covert attacks that can do far more damage to an organization. SME’s are especially vulnerable to attacks and the scope of damage, but so are large businesses. A lone hacker that took down British Airway’s website for one hour caused a £100,000 loss [Editorial comment: Based on BA’s total annual revenue this amount must be too low?]
Another issue is that businesses must now report breaches of their customers’ personally identifiable information security with the General Data Protection Regulation (GDPR).
This means that security breaches must be reported to the authorities within 72 hours of detection if personally identifiable data is at risk. Fines are imposed for a failure to do so, and identifying breaches is often incredibly challenging.
Benjamin Hosack, Chief Commercial Officer of cyber security firm Foregenix, outlines steps organisations should take in order to minimise the chance to being hacked, improve the ability to identify hacks early and substantially reduce possible damage:
- Install updates– Research based on 80,000 European websites found that 80% are vulnerable to cyber-attacks and the main reason is a simple failure to install the latest updates. So, patch or update all software.
- Use threat detection services– Specialist cyber security firms provide high–end Managed Detection and Response Services to cyber threats. As most organisations struggle to detect the threats in the first place, this type of service is vital.
- Use a honeypot* – Honeypots are decoys that appear to be legitimate components of an organisation’s network, containing valuable data. As soon as a honeypot has attracted the attention of the cyber-criminal, a warning is triggered. Combining a honeypot with other security controls provides an additional layer of security.
- Train your employees– The biggest cyber security weakness in an organisation is the people. Training team and non-technical staff is key. Workers must be informed about the latest cyber threats security. Awareness of threats and how the business might be attacked is important in order to be able to raise the alarm (also read: https://www.biia.com/cyber-security-the-insider-threat)
- Monitor security alerts daily– Attack traffic usually has a very specific pattern and hacked business systems can be detected quickly if security alerts are being monitored across the business.
- Learn from the past to predict future attacks– Cyber criminals certainly do like to strike in the same place twice, and often by the same methods. Pre-emptive action and monitoring based on past attacks can lead to quick identification of a security breach.
*Gartner has predicted that now, in 2018, 10 percent of enterprises will already be using deception tools and tactics and actively participate in deception operations against attackers.
Source: Cyber Security Intelligence