Thirty years on from the first Computer Security Day, many businesses face challenging times when it comes to mitigating security risks and protecting data, all while focussing on digital transformation and making the business more agile and data-driven. “Far too many companies still believe that a cyber-attack will never happen to them, instead of accepting the inevitability and putting mitigation technologies in place,” commented John Williams, Product Manager at Node 4.
At the same time, lessons in what to do (and indeed what not to do) are out there, something that Shannon Simpson, Cyber Security and Compliance Director at Six Degrees, recently stressed, noting the recent British Airways data breach and commenting that it offered “some key lessons that businesses should keep in mind when developing their cybersecurity strategies: remember that prevention is better than cure; understand that attack vectors are constantly changing; and develop a cybersecurity playbook and keep it updated.” These seem like simple steps, but the sheer volume of recent attacks highlights that this is often much harder in practice.
With so many lessons to heed, and so many technologies in play, what should businesses be prioritising?
Find out where the data is stored, and protect that
The first challenge is securing where the data is stored. One option where the hype might just prove realistic is in AI - or at least AI integrated into data management offerings. Nigel Tozer, Solutions Marketing Director EMEA at Commvault noted that “AI is now available in backup and recovering software to help you spot when a ransomware attack is taking place, so you can take remedial action. The same AI can also provide reports on whether you can meet recovering targets and will even reschedule things and make other changes to help you meet them.” The need for backup was also raised by Naaman Hart, Managed Services Security Engineer at Digital Guardian, who noted that in cyberattacks that resulted in the mass encryption of files, “maintaining a robust backup policy [can allow] the recovery of any encrypted files.” His advice to IT professionals was to “know your data, prevent unauthorised data use or alteration, and ensure you have a solid recovery mechanism.”
Another solution, at least in terms of the long-term retention of data, is archive storage. Gary Watson, CTO of StorCentric and Founder of Nexsan commented: “When you buy a bike, you should purchase a helmet for safety and security, just as IT pros should be purchasing the right protection for their technology. Equally important is to have a second line of defence in place when the inevitable does happen. Organisations should consider investing in archive storage - it’s a stable, reliable solution for storing data on a central, secure repository both at home and at work.”
Thirdly, for Luke Brown, VP EMEA for WinMagic, “a key part of [an IT security team’s] armoury is encryption.” Echoing Williams’s concerns on the unavoidable truth of cyberattacks, he added “Falling victim to cybercriminals is a simple matter of fact these days, and all organisations need to take precautions to mitigate the risk of an attack. In the event of a data breach, encryption acts as a last line of defence making data illegible when in the hands of unauthorised parties.”
Protect the networks that connect your business
However, if the network as a whole is vulnerable then encryption may not be enough to prevent a breach. Steve Armstrong, Regional Director at Bitglass cautions that, in situations where data is publicly accessible due to a misconfiguration of a service, “outsiders don't need a password or the ability to crack complex encryption to get at sensitive information.” This is particularly an issue when organisations are still taking a “fixed perimeter” based approach to network security while adopting new networking practices and moving towards becoming a connected enterprise.
When it comes to IT network security, Todd Kelly, Chief Security Officer at Cradlepoint commented that “our businesses, organisations and government agencies remain outmatched by hackers who are becoming bolder and more sophisticated.” To remedy this and be ready for more agile, pervasive networks, Kelly advocates for recommitting to “trusted security practices while adopting new approaches that leverage wireless, software-defined and cloud technologies.”
These networks should be monitored by “a suite of solutions that can accurately detect anomalies originating both inside and outside the network,” according to Paul Parker, Chief Technologist, Federal & National Government at SolarWinds. Speaking on how public sector organisations, in particular, can prepare, he recommended “implementing automated patch management, user device tracking and other strategies that can provide true defence-in-depth-capabilities.”
Invest in the human element
Then, with networks and storage both secured, it becomes a matter of training. Jake Madders, Director at Hyve Managed Hosting commented: “even with all the sophisticated and innovative tech available, businesses remain constantly vulnerable to cyber threats, which is why people are just as important in helping strengthen the security posture of your company.” For Madders, training and education programmes are the answer, which should “help empower [employees] to spot anything suspicious from an internal point of view.” However, Madders also stressed the importance of ensuring customers are fully aware of potential security breaches, finishing that “something as simple as a letter or email providing fake bank details, or using your company's logo, could be enough to trick your customers into falling for a scam.”
This is a sentiment echoed by Williams, who added that “regardless of how many layers of protection security experts implement, the weakest link is the people involved. Managing this portion is essential in any cybersecurity strategy, so it is important to ensure that employees are fully up to date with the latest security protocols and processes in their company.”
Security threats need to be treated as a case of “when” and not “if”. When it comes to preparation, in Tozer’s words, “it’s more important than ever to use all the tools available and layer them where you can.” To achieve this in the current cyber threat landscape, businesses need to look at protecting their data wherever it resides, rethinking their approach to network security, and finally investing in training their people to make sure they are prepared, no matter what happens.