The frequency and complexity of high profile cyber-attacks of late are testament that cybercrime is a significant issue for all types of businesses. Backed by a multi-billion dollar industry, today’s cybercriminals are becoming increasingly innovative and persistent, finding new and sophisticated ways of breaching systems and evading detection like never before.
Cisco alone detects and blocks 19.7 billion attacks each day. To put that into perspective, it’s roughly six times more than the search requests that Google manages on a daily basis. What is most troubling, however, is that, on average, 60 per cent of stolen data is taken within the first few hours of an attack, and more than 50 per cent of all attacks manage to persist on systems undetected for months, if not years.
Given that the industry average time to detect an attack currently stands at 100-200 days, there are essentially two types of companies today: those that have been hacked and those that don’t yet know they have been hacked.
As today’s cybercriminals are becoming more nimble, resilient and persistent, it appears businesses are struggling to keep pace. According to Cisco’s 2016 Annual Security Report (ASR) only half (54 per cent) of businesses are confident in their ability to verify and defend against an attack. Improving security capabilities is not only critical for protecting the business and its customers, but is fundamental to effective digital transformation.
Digital disruption is expected to displace incumbent businesses by 2020, and as businesses look to digitise their processes to improve efficiency, productivity and the overall customer experience, they must be able to do so securely. Yet, according to Cisco’s latest Digital Readiness Index, which surveys organisations and their ability to move fast with digital infrastructure investment, 42 per cent of UK companies see security as their biggest challenge.
An ever-changing threat landscape
Cybercriminal activity is becoming increasingly complex and the rise of malware campaigns deliberately targeting enterprise networks is a growing business concern. The latest research from Cisco’s threat intelligence group, Talos, has also revealed that the Nuclear Exploit kit in particular, a malicious tool that targets software vulnerabilities to deliver ransomware, has gone international, successfully targeting and compromising individuals in more than 10,000 cities across 150+ countries.
Given how pervasive cyber threats have become, targeting even the most trusted sites, the most effective way of mitigating all sources of risk is to adopt a proactive, integrated approach to security that addresses the entire threat continuum: before, during and after an attack. This means treating security as an evolving process that is constantly reviewed and validated to reflect the changing threat landscape, and embedding best practice security processes throughout the entire business.
Managing business risk
Reviewing current infrastructure is a good place to start, to determine whether the business has complete visibility and control of any potential risks or threats. Almost 90 per cent of organisations are not fully aware of devices accessing their networks, and there are 5-10 more cloud applications in use by employees than even the IT departments realise. In addition, 92 per cent of devices across the internet are known to be running with known vulnerabilities.
You can’t protect what you can’t see, and it is therefore critical that businesses embed security across the entire network, applications and access points so as to detect, analyse and block any anomalous behaviour. Tailoring usage and user behaviour so that it aligns with corporate policies is also essential, as is continually identifying and assessing the cloud applications accessing the network to determine if any data or IP is at risk.
There can be no doubt that the innovation race between adversaries and security vendors is accelerating, and as much as cybercriminals are becoming more intelligent and resilient, so too are security vendors and teams. However, in order for organisations to remain agile and in control of both new and emerging threats, security must no longer operate as a siloed IT function, but rather as a fundamental business process and enabler.
Only through a collaborative and integrated approach and by ensuring that security policies align with business objectives, can organisations have the confidence that they are keeping the business as secure as possible and have the best chance of being one step ahead of the cybercriminals as they look to realise the benefits of digitisation.
Terry Greer-King, director of cybersecurity, Cisco UKI and Africa