Covid-19 has changed how businesses across the globe operate. The pandemic has also changed the landscape for cyber threats. As we look ahead to 2021, now is an important time to understand and prepare for potential future threats.
Even before the current crisis, cyber threats were a growing concern. The recent UK government Cyber Security Breaches Survey 2020 exposed that attacks have evolved and become more frequent, with 68 percent of medium-sized and 75 percent of large businesses having experienced cybersecurity breaches or attacks in the last 12 months. The steady march of digital transformation, and the vast amount of data gathered as a result, means every business has a gold-mine of information needing constant protection.
Hackers capitalize on uncertainty, confusion, and chaos. For cybercriminals, the coronavirus pandemic is a major opportunity to launch a whole new series of cyberattacks. For example, you may feel equipped to spot phishing email scams. However, it may not be so easy when you are awaiting crucial news about a business loan or employees’ furlough payments.
Recent data shows that organizations need to be especially vigilant with regards to phishing attacks. In the last 12 months, among those identifying any breaches or attacks, there has been a rise in businesses experiencing phishing attacks (from 72 percent to 86 percent), and a fall in viruses or other malware (from 33 percent to 16 percent).
During this current time of change, reassessment, and preparation to move forward in the ‘new equilibrium’, it is an important time for businesses to take stock of their cyber defenses and ensure they are well prepared for the path ahead. Here is why I think the threat of digital viruses or cyber-attacks should be top of your list.
Cybersecurity is not enough
If it has been said once, it has been said a thousand times, but it is not if you will be attacked, but when. Organizations must move beyond a mindset of complete security, to one focused on resilience. Cyber resiliency is about an organization’s ability to carry on and recover quickly in the face of any digital disruption. It starts with the ability to detect a breach once it has penetrated your network, and leads on to everything required to ensure business continuity, remove the threat, and return you to ‘business as usual’ as quickly and painlessly as possible.
Cyber resiliency frameworks are designed to create end-to-end security approaches that are comprehensive, cost-effective, flexible, and performance-based.
The UK Cyber Security Breaches Survey 2020 reveals that businesses are often confused about the scope and best practice of cyber resiliency. With that in mind, here are my five steps to achieving cyber resiliency which leaders should be discussing with their teams to evaluate potential gaps in their security network.
Five steps to cyber resiliency
Businesses need to understand the wide range of cybersecurity risks, and the various ways an attack could breach defenses - via systems, assets, devices, data, and people. The recent and rapid shift to mass remote working has left businesses exposed to new risks that they may not have been prepared for. Organizations are collaborating and sharing data across a variety of different devices and networks that may not have the same security levels in place as their office.
Understanding the full business context and potential risks, particularly in light of current changes, will allow you to focus on delivering your business needs.
The next step involves developing and implementing suitable safeguards to make sure that the sharing and storage of information is achieved securely. This covers many of the functions contained in traditional cybersecurity – such as tools to limit and control access, to digital assets and systems to prevent any breaches.
It is also important to consider the security of devices being used in remote locations and, potentially, on unsecured Wi-Fi networks. This will be a key part of adjusting to the ‘new equilibrium’, as the main places of work have changed for good – and increasingly, work will be done from home or other shared spaces.
From there, businesses must recognize suspicious activities that evade perimeter defenses and compromise systems and endpoints, and quickly assess scope and potential impact. This step should include continuous monitoring of potentially malicious processes, files, DLL’s and other relevant endpoint data.
Detections without context can slow rather than speed recovery from compromise. Information Security teams that leverage threat intelligence sources can add additional information that helps to prioritize response and understand a particular threat from a holistic view.
Once the cyber resiliency tools are in place, there are also five key areas for a business to cover to respond effectively: response planning, communications, analysis, mitigation, and improvements.
For example, the process for containing any risks needs to be clear amongst leadership teams. Processes should be set to communicate these important messages with staff working in various locations. Alternative options, such as switching networks, may also be limited.
In the more advanced cyber resilience solutions, AI-assisted analytics are used to capture all breach data and help improvements to more quickly and appropriately react in the future. You can also establish cyber resilience metrics to better understand how you’re performing and where developments can be made.
This final component is designed to help develop and implement strategies to maintain business continuity. This will include restoring damaged services or capabilities caused by a breach, as well as the steps necessary to make available the information and data required to revert to normal business operations.
Putting cyber resiliency into action
At a time when businesses are adapting to significant change, it is important to continuously assess your cyber resiliency. The potential risks are likely to have increased, as well as the complexity of the attacks.
Now is the time to put cyber resiliency on your to-do list - after all, who knows where the next threat to your business will come from.
JJ Cranford, Senior Product Marketing Manager, Security, OpenText