It goes without saying that the IT security landscape is a complex and hungry beast! As our IT management processes become ever more complex, our operating systems devour ever-increasing amounts of data and our networks access multiple sometimes numerous interfaces, the potential risk from cyber threat becomes somewhat amplified.
Most businesses appreciate that operating effective management controls is easier when you know exactly where your data and resources sit. Arguably, now that networks are disparate and data could be held anywhere, managing your cyber security framework is becoming more of a challenge.
This is particularly the case when your network involves third party suppliers who may, in turn, rely upon third-party resources. And then there is the GDPR...with the new regulations come the elevated threat to your business’s compliance and reputation. (It is worth noting here however that compliance does not necessarily guarantee the security processes you are operating are effective). Fair to say, it is a complex environment.
So why has our business environment become subject to such a marked increase in threat?
The answer probably likes with the changes to our working practices which have come about due to the use of and our increasing reliance on, technology. Cloud services, mobile phones, remote access, video conferencing and multiple networks can, without effective protection, allow easier access into more critical business systems and increase vulnerability. As a result, the threat has not only increased but has become more complex and opportunistic in nature, due to the increased number of potential access points.
What are latest threats?
Sophisticated phishing attacks reporting from O365 and G-mail domains are disguised to look very legitimate but are solely focused on gaining a foothold into your system
Increase in bad actors exploiting weak VPN and Zero-Logon attacks on infrastructure, where subjects expose VPN connectors or domain controllers to the internet
Exposed databases such as MongoDB or elastic search with default or weak credentials to the internet are being exploited with data extraction breaches
Code repositories are reporting an increase in users scanning check-in history for potential secrets or access keys.
It’s tricky stuff!
What does this all mean for the future?
In short, there are a number of key pressure points to be aware of when considering how to ‘future proof’ your IT infrastructure.
Be aware - Legacy systems pose a known and certain danger – upgrade and decommission wherever possible. Make sure you embed a robust IT security culture with clear accountability
Maintain your cyber security talent pool– if your organization lacks the necessary specialists then engage externally. Don’t expose your Cyber Security posture to risk through lack of resources. Seek help!
Threats will increase – this is the one thing we can be sure of. As protections improve so do hackers’ strategies for thwarting them. Regular security assessments form an intrinsic part of a robust security regime; ensure these are carried out by suitably qualified and experienced systems specialists. Risk management programs are underpinned by effective monitoring, logging, alerting and reporting and;
Benchmark and monitor– carry out a thorough IT security audit to establish your current IT security status and put in place a robust plan to drive improvements and remediations.
So, if you are not sure where to start, or how much of a deep dive is necessary to establish your exposure to risk, call us now. Our consultancy and retainer-based Cyber Security solutions will get you back on track
So, what steps should you take to protect your business from cyber attack?
The first step is to take a long, hard look at the ‘as is’ security status of your organization by undertaking a comprehensive Cyber Security audit. It may be prudent to engage an external contractor to carry out this exercise as it is common knowledge that almost 80% of data breaches can be attributed to those inside your network with the remaining being through malicious Cyber-attack. Once the security posture has been established, improvements to security and critical infrastructure can then be implemented.
As threats become more sophisticated so must your protections. Ongoing review is critical to ensure that new threats are quickly identified and effective remediations put in place. However, there are also a number of simple strategies that could be employed to deliver a more robust cyber security framework:
Make security a top-level priority, not an afterthought – document inventories of your assets (even if it’s on pen and paper) and then assess the impact against the business should issues occur. Determine what should be updated or made more secure through hardening to reduce the risk of losing that asset to an attack.
Update – patches, etc. Ensure automatic updates are applied or subscribe to a notification service for IT admins to assess the patch and determine if it needs to be applied. Generally speaking, the security issues releases are necessary
Install appropriate monitoring and reporting processes – ideally ensure ransomware protection but if you can export logs into a centralised monitoring system, all the better for affording analysts a better insight into irregular activities occurring on your IT network
Policies – how effective are your policies e.g. Access control Policy. Policies set a critical framework for operational procedures and if these are not robust enough, or religiously implemented, you leave your ‘door’ wide open to attack
Thoroughly vet your supply chain - ensure you have a robust and secure supply chain by risk by assessing the impact of a supplier being attacked by a cyber incident
Data management – control your data understand what you have and where it's kept, inventories on pen and paper are a start but itis vital to establish the full reach of your infrastructure and then start implementing appropriate measures from there
Disaster recovery plan – do you have a Business Continuity Plan (BCP) is developed in line with ISO9001 and the principles of ISO 22301? Start with an inventory as outlined in Point 1 above and use this as a starting point to establish how you can support the business to recover in the event of interruption or attack.
Add multi-layered defenses don’t just rely on firewalls – defense in depth is the best approach, consider hardening, monitoring, zero-trust, defense software such as Endpoint Detection & Response.
Compliance – go above and beyond, compliance in itself will not ensure you are free from risk. Around 80% of security breaches are as a result of human error so IT security is not just dependent on software; it is dependent upon promoting a forward-thinking, proactive IT security culture across the organization.
What does this all mean for the future?
In short, there are a number of key pressure points to be aware of when considering how to ‘future proof’ your IT infrastructure
Be aware - Legacy systems pose a known and certain danger – upgrade and decommission wherever possible. Make sure you embed a robust IT security culture with clear accountability
Maintain your cyber security talent pool– if your organization lacks the necessary specialists then engage externally. Don’t expose your Cyber Security posture to risk through lack of resources. Seek help!
Threats will increase – this is the one thing we can be sure of. As protections improve so do hackers’ strategies for thwarting them. Regular security assessments form an intrinsic part of a robust security regime; ensure these are carried out by suitably qualified and experienced systems specialists. Risk management programs are underpinned by effective monitoring, logging, alerting and reporting and;
Benchmark and monitor– carry out a thorough IT security audit to establish your current IT security status and put in place a robust plan to drive improvements and remediations.
So, if you are not sure where to start, or how much of a deep dive is necessary to establish your exposure to risk, call us now. Our consultancy and retainer-based cyber security solutions will get you back on track.