It is common knowledge that cyberattacks have developed into an ever-present threat to organizations, but in recent times breaches have significantly increased in both frequency and impact, leading many organizations to become resigned to their vulnerability and adopt a “not if, but when” mentality.
Hackers are now far more efficient and skilled, with the added bonus of hacking becoming an increasingly popular “profession.” The NotPetya ransomware cyberattack in June 2017 left many organizations across the UK, Europe, USA and Russia in chaos. This was the second major global ransomware incident in just two months, following the WannaCry attack. Hackers are evidently not only becoming more abundant, but they are also becoming better at exploiting vulnerabilities in unpatched applications that many organizations continue to maintain.
Beyond the increase in hacker sophistication, there have been additional contributors to the rising threat of breaches. The growing adoption of hybrid IT has brought with it fresh security concerns when it comes to data protection. Operating within the cloud means that traditional security policies and procedures are now largely outdated, as data is no longer physically secured within the four walls of the data center. This, coupled with networks becoming overrun with a variety of personal devices with individual operating systems, has made the task of managing networks against threats significantly more complex.
Despite there now being far greater awareness of cybersecurity threats, the preventative measures that organizations are adopting are largely either insufficient or ineffective. Security is often not given the attention it warrants, and subsequently many IT professionals lack the expertise to carry out the comprehensive protection strategies that are now required. Security must no longer be an afterthought, especially due to the evolving nature of the threat landscape, which itself is becoming much more complex and difficult to manage as time goes by and technologies develop.
Update your software procurement strategy. It is crucial that organizations have in place the most effective modern technology to combat the growing sophistication of hacker threats. Specifically, the procurement of compliance software will provide IT professionals with an easy-to-use interface, through which they can carry out patch management and security information and event management (SIEM). Certain products will also automatically monitor for any potential vulnerabilities or issues within the system, creating an alert if any such problems are identified.
Transform your IT professionals into security experts. All IT professionals now have a duty to become more security conscious, and organizations must enforce this by creating a culture that values education and awareness around network security. Once this is in place, a team can be created that is tasked with producing a security framework. This should then be re-evaluated every six to nine months so that it can adapt to the ever-changing threat landscape. A comprehensive monitoring toolset should be a consistent feature of whichever security approach is taken, providing a baseline of performance across systems, networks and especially databases, which are particularly vulnerable to attack. This will provide security teams with a reference point for typical performance when something goes wrong.
Stay on top of security trends. Free resources are now available that provide daily updates on the latest security trends, investigations, and general cybersecurity topics. Regularly reading through the content published by The National Cyber Security Centre, for example, will help ensure that you and your employer are fully aware of the current cyber threat landscape.
Educate end-users. A large number of attacks are caused by the actions of end-users working within the affected organization. This is often seen through the opening of harmful phishing emails or, more recently, through the connection of external personal devices to the network when they are unknowingly carrying damaging software. These types of incidents can be avoided by educating end-users on the potential impact of their actions and identifying the places and devices that threats can stem from.