There’s only one thing we can say with any certainty about cyber security, and that is that cyber criminals are always one step ahead of security vendors.
By Simon Campbell-Young, MD of Intact Software Distribution
They are innovating more quickly than businesses are able to defend themselves, continually looking for new ways to exploit weaknesses in cyber security solutions. Companies need to realise that if threat actors are innovating, so should they, and they should develop a cyber security strategy that is innovative and forward thinking.
And this needs to happen now.
The volume of data that needs to be harnessed and protected will double in a few years, and any business that can’t protect its data will be unable to innovate and thrive.
Perimeter security is no longer effective. The very worst idea is to put up a high wall, and brace yourself for the next onslaught – hackers have the skills and the tools, and are already finding ways to get through those walls, and into your network.
In addition, the security team is responsible for protecting the company’s data, irrespective of where it is stored, and today that means data on a plethora of personal devices, connected to thousands of IoT machines, as well as data that resides on company servers.
There is no longer a central location that can be locked down like Fort Knox, and security practitioners need to think outside the box and find ways to implement security that attaches to the information, and not the place it is stored.
So how do businesses stay ahead of attackers? A layered security approach that makes use of the basics, such as firewalls, AV and DLP, combined with new, innovative technologies, is key.
Today, tools also need to protect against unauthorised or unknown use of your identity. Your identity is essentially your profile, and your profile is the key for cybercriminals.
Identity and access management is now a vital element of any security posture. With identity and access management in place, people and devices accessing your networks can be verified, authorisation levels can be set for employees, and the principle of least privilege can be enforced.
Next comes threat analytics. These solutions automate processes to identify and respond to any anomalous behaviours in data traffic patterns and on the network, which might indicate an attack is in progress, or a botnet has taken control of certain devices to carry out a DDoS attack.
If security teams have this intelligence at their fingertips, alerted by the threat analytics tools, they can respond to, and mitigate, an attack far more quickly.
In fact, some of these programmes have the ability to automatically respond to an issue.
Virtualisation should also be a part of any clever business’s security strategy.
Virtualised security enables businesses to track and protect their valuable information assets, regardless of whether they are being used, are in transit, or stored on a cloud somewhere.
Regular updates guarantee that security is kept up-to-the-minute to strengthen cyber security defences, and virtualisation saves massively on physical space.
Lastly, considering that the common maxim today is that breaches are not a matter of ‘if’ but ‘when’, businesses should have an incident response plan in place, to make sure they are able to respond quickly, to minimise any damage or disruption. The plan must outline who is responsible for what, what the processes and lines of reporting are, and what steps to take in the event of a breach.
Being prepared is key, and will ensure a business is able to right itself, and carry on in the event of an incident.