Businesses can’t outrun cybercriminals

Most businesses think that, if they have security controls in place, they’re protected against cybercriminals, but that simply isn’t true.

Business beats with a digital heart and the rate of cybercrime is increasing exponentially. It’s essential for organisations to understand the threat landscape and how to mitigate the risk of being attacked.

Cybercrime has become an industry in which large organisations pay educated hackers a daily wage to find and exploit vulnerabilities. There are around 390,000 new malware threats every single day: it’s impossible to keep up with this volume of threats by simply relying on traditional technology like antivirus. Simply having security controls recorded in a policy is not enough; they have to be lived and acted upon every day. Businesses invest in tools, processes, and policies to identify when they are being attacked and how to respond, contain and recover from a successful breach.

Competing demands and increasingly complex technology environments mean that IT teams can only spend a fraction of every day on security activities. Compared with cybercriminals whose full-time job is finding ways to breach organisations, this is inadequate. Yet IT teams remain limited by the resources available, and the need to keep systems online and support business processes. Hence, defensive efficiency is key.

The big trap many organisations fall into is taking a compliance-based approach to security. By definition, this means that the decision cycle on implementing and updating controls will be longer than the attackers’ development cycle, letting cybercriminals get ahead.

Given businesses can’t outrun the cybercriminals, the only other option is to outsmart them with cybersecurity protection.

We recommend businesses consider six facets of cybersecurity protection:

1. Clear policies

The rise of phishing and social engineering tactics means people are often the weakest link in the cybersecurity chain. It’s important to set clear policies around what is and isn’t allowed, and what to do if a person suspects they’re being attacked, and to make sure everyone in the organisation is aware of them.

2. Perimeter protection

Simple firewalls are no longer sufficient, but next-generation firewalls that meet reporting requirements, deep-dive into traffic, and decrypt traffic for better analysis are ideal.

3. Intrusion prevention

Unified threat management (UTM) tools take next-generation firewalls to a new level, giving security teams full visibility into what people are doing on the network. For example, if workers are accessing suspect websites, the IT team can identify this and speak with the user.

4. Real-time threat analytics

Traditional, signature-based protection is no longer adequate. Businesses need to be able to analyse all traffic for potential threats, not just those with a known signature. This is the only way to protect against zero-day threats.

5. Application control devices (ACDs)

ACDs are the last line of defence, providing full visibility into who accesses what applications and when. This protects against people who are already inside the network, such as guests, and against malicious attacks from employees. It puts firewalls and distributed denial of service (DDoS) protections in place and ensures only the right people are accessing applications.

6. Security incident and event management (SIEM)

SIEM lets IT teams automate parts of the security puzzle, letting the team proactively find threats that might not be visible using standard logs. It delivers high-speed, accurate, comprehensive reporting and is ideal for environments that require compliance and strong protection.

Mark Blower, National Business Manager – Networks and Security, Empired