Saturday 28 November 2015

Six things firms should do to improve cybersecurity



The recent cyber-attack on UK telecoms firm TalkTalk has once again brought the real importance of cybersecurity to the forefront.

TalkTalk joins a long list of companies worldwide that have encountered serious data breaches, including Ashley Madison, eBay, AOL, Target, Home Depot, Sony, Anthem and JPMorgan Chase; the list is endless.

Google and McAfee believe that about 2,000 cyber-attacks take place every day worldwide, inflicting an enormous cost of around £300bn ($460bn) on the global economy yearly.
Yet more than two thirds of firms believe they are not sufficiently protected from sophisticated hackers seeking to extract money through blackmail or to steal data for sale on the black market.




So what should businesses do to up their game on security? Technology of Business canvassed cybersecurity experts for their views.

1. Protect your data, not just the fence

Our ideas of corporate cybersecurity are out of sync, many experts warn.
Focusing only on building up the fortress walls is not adequate, even though about 87% of security budgets is spent on firewall technology, says Tim Grieveson, chief cyber strategist at Hewlett-Packard.

Setting aside the gate and drawbridge, there are now numerous possible ways into the fortress, since businesses are linked to customers, suppliers and employees through the internet. In addition, it seems as if everyone who comes in and out of the fortress possesses a key that unlocks all the doors as well.
Gate crashes are unavoidable, comes the serious warning, so guard the most important data.

"The main thing is, CIOs [chief information officers] should accept the idea that their company will be breached and shift their security focus from 'breach prevention' to 'breach acceptance'," says Jason Hart, chief technology officer at digital security specialist, Gemalto.

Tom Patterson, general manager of global security solutions at IT services firm Unisys, labels this new approach micro-segmentation: building several small walls around the parts of your business that contain critical data which must not be compromised.

This involves cryptographically securing each fragment of digital information, the packet data, with a code unique to each segment of the business. So if hackers gate-crash one segment, they only gain access to the data belonging to that community or segment.
"A minute security breach is easier to contain - they may steal small bits, or disrupt a little bit, but they cannot take down the whole corporation," says Mr Patterson.
The problem, says Mr Grieveson, is "selecting the data to classify as important."



2. Identify your data

Several businesses can't even identify the data they have stored on their systems, let alone say how important it is, such is the complexity of their old computer systems and the recent increase in digital data from mobile and other internet-connected devices.
According to a recent survey by information management firm Veritas, about 59% of the data in UK IT systems is unidentified, unclassified "dark data".

Knowing what you have is central to any security approach, says Mr Grieveson. "Businesses need to know and understand the risk associated with different types of data being lost."
When you have done this, you can use "best practice data protection - associating security directly to the data itself, applying multi-factor authentication and data encryption, as well as securely managing encryption keys," says Mr Hart.
"That way, if the data is stolen, it is useful to the thieves."


3. Keep abreast of the insider threat

It is all too easy to focus on attacks originating from outside and ignore the risks posed, knowingly or unknowingly, by people inside your corporation.
Yet attacks from inside can be more difficult to detect and contain. "In the real world it takes about 70 days to remedy an insider cyber-attack," says Mr Grieveson.
"Employees opening email attachments they think originated from secure sources are the number one threat for organisations", says Gary Steele, boss of Proofpoint, a secure email specialist.



"An organisation can expend millions on investments in security solutions, but all it needs is a click on a link by one employee, and the organisation is exposed," he says.
Hackers are increasingly clever at using personal information gleaned from social media and other sources, so-called social engineering, to make employees think that emails originate from people they know. Educating staff about such threats must be a priority, experts advise.
Where employees are on the payroll of criminal gangs, predictive analytics tools can try to pinpoint anomalies in their behaviour on the corporate network, but such tools can be expensive and time-consuming to use.


4. Increase awareness and vigilance

Organisations can achieve more just by monitoring their systems more effectively, says Gavin Millard, technical director at Tenable Network Security.
This includes the "upgrading of easily exploitable bugs, robust filtering of inbound and outbound communications, updated malware defence, encryption of most sensitive information, and a good and enhanced password policy," he summarises.


At the very least, firms should ensure that network security certificates and antivirus and firewall software are updated frequently.
"Using monitoring controls to reveal when an attack occurs is the most important from a technology point of view," says AlienVault's Javvad Malik. "Also, from a non-technology perspective, security training for staff can really help."




5. Be mobile compliant 

If staff use mobile devices for work purposes, firms should restrict access to important data and systems, the IT professionals say.
At the very least, firms should move to a centrally controlled system that enables IT departments to wipe devices remotely if they are stolen or lost.

"Firms need to employ a zero-trust philosophy," says Jason Garbis of security company, Cryptzone.




6. Increase budget and time on cybersecurity

Cybersecurity firms with products and services to sell would emphasise this, wouldn't they? Even TalkTalk chief executive Dido Harding accepted that they would "spend more money and more time on cybersecurity because it is the main risk".



Big firms with critical consumer data to secure are increasingly employing chief security officers, often in board-level positions, recognising that cybersecurity has to be incorporated into all business processes.
Cybersecurity is everybody's challenge, not only the responsibility of IT departments.
