WHITEPAPER - 3 key actions - protect your network
Protecting your network
3 critical areas to lock down
In a connected world, cyber security is more important than ever
The exponential rise in connected devices promises numerous opportunities for the private and public sectors – new business models, better ways of interacting with customers and citizens and the potential to both increase productivity and drive down costs.
But hand in hand with this proliferation is another less welcome expansion.
There has been a rapid acceleration in security threats exploiting this surge in connectivity to breach organisations’ cyber defences. If those defences even exist.
Because regardless of the advancement in network security tools and policies, many companies still struggle to protect their networks and environment from attacks.
Technology has developed so rapidly – and the sophistication of security threats with it – that organisations are scrambling to find the right security solutions they need to keep their assets safe.
As the threat continues to increase, we believe a more proactive approach to security is vital for the survival of small and large businesses alike, with three key areas that organisations need to lock down as a priority – endpoint devices, networks and the Cloud.
How cyber attacks have piggybacked on connectivity
By the start of 2018 there were more than 27 billion connected devices globally, a figure expected to grow to 125 billion by 2030 [1].
2017 saw a 164% increase in cyber attacks worldwide.
Yet according to some studies, 2018 rapidly eclipsed that with a 250% increase in spoofing or business email attacks and a 350% surge in ransomware attacks [2].
(It was in 2017 that Gartner predicted ransomware would quickly become a real and significant threat to enterprises, and they were not wrong. It is now the favoured weapon for malicious actors.)
Companies using legacy technology are at a higher risk of attack
Particularly vulnerable are those companies still using legacy technology. This is typically found in the Public Sector, which is a challenge as these organisations frequently hold precisely the sensitive and personal data that is of the greatest value to cyber criminals.
They are also the organisations most likely to be working with limited IT budgets, yet security still needs to be at the top of their agenda.
The cost of a security breach
In the UK, PwC estimated that the annual average cost to UK firms that fell victim to a cyber attack in 2018 was £857,000. (For American businesses the US Securities and Exchange Commission put this figure even higher with the average cost of a data breach rising from $4.9 million in 2017 to $7.5 million in 2018.)
Even then, what’s often not counted is the additional cost of enforced employee idleness as damaged networks and compromised computers leave them unable to work.
And apart from all the inherent business dangers of a security breach, there is also the reputational headache, something felt keenly by a number of organisations in 2018.
Ticketmaster, Facebook, British Airways, Dixons Carphone, Yale University, Air Canada, T-Mobile and Google all suffered attacks.
How prepared are businesses today?
According to PwC’s 2018 Global State of Information Security report [3], a quarter of businesses don’t know how many cyber attacks they’ve had and a third don’t know how they’ve happened.
While the majority (64%) of the UK organisations it surveyed do have an overall security strategy in place, the country continues to lag behind the global state of preparedness.
Most notably UK boards are less engaged in the fight. Only 34% of boards are actively participating in their company’s information security strategy compared with 44% globally.
All of which points to there being yet more that organisations can do to adopt the proactive approach essential for their cyber security – security that will only face increasing pressure in coming months and years.
[1] technology.ihs.com
[2] industryweek.com
Why the challenge is getting tougher
Bring Your Own Device (BYOD), the growth of cloud networks and IT consumerisation have all made maintaining network security more complex.
As your network grows so does its perimeter, and with ever more data shifting to and from the cloud, additional points of vulnerability are exposed. All data and assets must be secure all of the time, whether in or out of the Cloud.
The UK Government Cyber Security Breaches Survey of 2018 revealed that more than four in ten businesses experienced a cyber security breach or attack in the previous 12 months. But less than three in ten have a formal cyber security policy in place.
Breaches were more often identified among organisations holding personal data, utilising the Cloud, and where staff used their own devices.
Since 56% of businesses and 44% of charities hold personal data, and 45% of businesses and 65% of charities have BYOD, the risk is therefore considerable.
The survey also estimated that six in ten businesses use the Cloud – nearly seven in ten for medium-sized businesses. This figure, and the potential security threat it poses, is also rising.
Businesses find cyber security hard to grasp
In the qualitative survey, organisations acknowledged that BYOD made cyber security more difficult to manage, because there was less technical control that could be imposed on personal devices.
Yet only 19% of businesses where BYOD was present had a security policy covering the use of personally owned devices for business activities.
Three-quarters of businesses (74%) now say that cyber security is a high priority for their organisation’s senior management.
However just 30% of businesses have a board member with responsibility for cyber security and 20% admitted to never updating their senior managers on cyber security issues.
The survey also noted that spending on cyber security tends to lose out when competing against other priorities, despite its business criticality.
Preferring to spend money on marketing rather than security (as one business confessed it did) may seem like a route to growth.
But as the survey pointed out, cyber security investment is a vital part of keeping key services running, finances secure, data safe and reputations intact. Without it, there may be no business to grow.
The extra demands of legislation
The requirement for organisations to have robust safeguards against cyber attacks and data breaches has also increasingly become a regulatory issue.
Britain’s most critical industries could be fined up to £17m if they leave themselves vulnerable to cyber attacks
The UK’s implementation of the European Commission’s Network and Information Systems (NIS) Directive imposes fines of up to £17m on leaders of Britain’s most critical industries if they leave themselves vulnerable to cyber attacks.
The Networks and Information Systems (NIS) Directive was the first piece of EU-wide cyber security legislation.
It aims to raise levels of overall security and resilience of network and information systems across the EU.
Such systems and the essential services they support play a vital role in society, from ensuring the supply of electricity and water, to the provision of healthcare and passenger and freight transport.
Their reliability and security are essential to everyday activities. The directive’s implementation was seen as an opportunity to put mechanisms in place that drive real improvements to national cyber security.
The deadline for member states transposing the directive into domestic legislation was 9 May 2018.
Also in 2018, the EU-wide General Data Protection Regulation finally came into effect after a two-year preparation period for organisations to ready themselves.
The highest level of fines for infringements reaches €20 million, or 4% of worldwide annual revenue, whichever is higher.
(Observers have noted that after a relatively quiet first year for GDPR, the coming months may see a flurry of high-level fines from cases that the authorities have been slowly building.)
3 critical areas to lock down
As your organisation grows, so does its connectivity, and with it, its perimeter. These are the three areas we consider essential to lock down in order to secure your data and assets.
1. Endpoint security
Purpose - To mitigate the risk and reach of any potential intrusion via the servers, desktops, laptops, smartphones and other Internet of Things (IoT) devices that your organisation is connected to.
Why it’s important - These are all critical components. Capturing audit information on what is occurring on them, at any given time, can supply early identification of an attack.
To be effective, endpoint security should have 24x7 visibility of all the activity taking place on all the endpoints in order to detect any malicious activity.
New endpoint detection and response, or EDR technology, has become more capable at this. It can deliver a comprehensive assessment of the endpoint as well as providing automated responses to threats such as endpoint isolation and ransomware detection.
Enhanced endpoint security can also provide in-depth analytics and forensic data.
This means that once a breach has been detected, investigators can determine how the attack occurred, where in the environment it started, which devices were impacted, and if any data has been stolen.
This valuable information can speed up the incident response and remediation.
2. Network security
Purpose - To protect the usability and integrity of your network.
Why it’s important - Reliable and effective network security manages all access to your network resources, while targeting threats and preventing them from gaining entry or spreading throughout your entire network.
Strong network security combines multiple layers of security measures at both the perimeter and within the network itself.
Each individual layer will have its own controls, allowing in those authorised to gain access to the network resources, while recognising and blocking cyber criminals from carrying out malicious attacks.
There are various types of network security, including access control, threat prevention, email security, web security and firewalls, to protect your employees, your data and ultimately your reputation.
3. Cloud Security
Purpose - To increase the security of your cloud storage, especially that of data held in the Public Cloud.
Why it’s important - By extending your security wrap into the Cloud and cloud firewall appliances, you can monitor the performance, behaviours and events in the Cloud and be better able to react accordingly to uphold the security of your data and applications.
Cloud computing continues to transform the way organisations use, store, and share data, applications and workloads.
As ever more organisations store data and applications in the Cloud, a whole host of security threats and challenges are created.
With so much data going into the Cloud – particularly into Public Cloud services – these resources become ideal targets for hackers.
A security breach, such as account hacking or a Distributed Denial of Service (DDoS) attack, can restrict access to these critical applications.
This could disable a range of different services, leave users without legitimate access and even bring your business to a halt.
The balancing act of detection vs prevention
There’s no doubt that security attacks are on the increase, both the ‘classic’ threats such as data theft and denial of service and the newer hazards like ransomware. Maintaining robust cyber security continues to be a balancing act between detection and prevention.
It calls for the use of industry-leading technology to establish a real-time, 360-degree view of the threats against a business, with the ability to respond rapidly in order to manage those threats and minimise their financial and reputational impact. As IT infrastructure gets more complex and moves into the Cloud, into business units and shadow IT, vulnerability management must evolve from a merely repetitive process to one that adapts quickly to IT changes.
Capita IT and Networks can help security and risk management leaders find that balance, mitigate large-scale attacks, ensure your public-facing services remain available and help keep your reputation intact.