Jeffrey Longoria, General Manager, Dell SecureWorks EMEA, looks at how you can set a cyber security strategy to beat the viruses and hackers.
We are becoming ever more reliant on technology in our day-to-day lives; it is therefore vital that businesses are aware of the risks and dangers that new technologies can create. Hackers are employing increasingly sophisticated techniques to access infrastructure and malware is becoming more and more difficult to detect. One example of new ransomware, CryptoWall, has breached over 40,000 systems in the UK in recent months, whilst one US firm had nearly 75GB of server space encrypted. Attacks like these are becoming increasingly prevalent and in the worst cases, the consequences for businesses can be catastrophic.
With all this in mind, it’s essential that businesses put the necessary systems and processes in place to protect sensitive data. Developing an intelligent cyber security strategy requires the insight to predict threats, and an action plan ready for countering threats as they occur.
1. Think like a hacker
If you can identify potential weak spots in your infrastructure from the very start, this will help you develop your strategy. This requires a strong understanding of the adversary and their usual tactics, techniques and procedures so you can plan and evolve your defences to suit the most likely threats to your company’s data. In order to access the high level expertise necessary to handle such a constantly evolving threat, you may want to employ a Managed Security Service Provider (MSSP). Retaining skilled security staff is difficult even for large organisations so using an MSSP will help to alleviate some of this pressure. On top of that, an efficient MSSP will be capable of tracking threats in a way that individual businesses may be incapable of without external support.
2. Educate your organisation
Even with all of the technology and software available to combat malware, many people trip up on the basics of security and can therefore open the business to attack. Given that the end user is often the first to compromise security, businesses need to invest in educating their employees, ensuring that processes are simple and clearly understood. Bear in mind that the focus of training for management may differ to that required for other levels of staff. Should a breach occur, leaders must ensure that their security teams are able to identify and respond to threats as quickly and efficiently as possible in order to limit the impact.
3. Consider all endpoints
As bring-your-own-device (BYOD) policies gain popularity and employees access the company network with their own peripheral devices, all of this must be considered when devising a security strategy. Phishing, social engineering, and endpoint security vulnerabilities make endpoints including laptops and desktop computers, and servers, fertile ground for advanced threat actor “land-and-expand” penetration campaigns. You should consider selecting an MSSP that can provide skilled personnel as well as automated monitoring processes. This way, not only do organisations gain situational awareness and superior visibility, but incident response times will be accelerated if the system is targeted.
4. Adopt a layered approach
Companies should utilise multiple layers of security, including a 24×7 endpoint threat detection service. Maintaining real-time visibility into all activity on every level of your network ensures that threats will be detected before they accelerate into a full blown attack, and can therefore be prevented from happening again.
5. Prepare for attack
100% security does not exist so how well you respond and contain a breach is key. It is very challenging to plan for every eventuality, but it is certainly possible to plan for the most common situations. Carrying out a response plan at the first signs of a breach will accelerate your ability to respond and contain the threat, ensuring minimal damage to your reputation. Business leaders must make sure that their security teams are able to identify and respond to threats as quickly and efficiently as possible. In a scenario where absolute prevention is likely to fail, early detection and a rapid response are vital to reduce overall harm. Finally a breached organisation should take robust steps to ensure that the same incident doesn’t happen again, to avoid further risk and to help reassure customers and stakeholders of the safety of its data.
Nearly all businesses handle sensitive information from customers or clients in some form or another, so it’s imperative that you take security seriously. A serious breach can result in immeasurable damage to your organisation, both financially and in terms of reputation. Although it may be difficult to avoid all threats, you should prepare yourself in order to limit the impact when the worst happens. The world of malware, viruses and cyber attacks is constantly changing so you need to ensure that your business is ready for any eventuality, at any moment.