Back to School: Lessons in cyber security
7 min read
07 September 2017
This year, not every business has been awarded an A* in cyber security. Be it an accidental data leak, an employee falling foul of phishing, or vulnerabilities that are yet to be patched, most companies have plenty of room for improvement.
With a new school term about to begin, six experts have come together to give a one-off class in effective cyber security. They discuss the lessons to be learnt from this year’s biggest attacks, and provide top tips that businesses should follow to ace the tests sure to come in the following months.
WannaCry ransomware: Thomas Fischer, global security advocate at Digital Guardian
“Without doubt the most high-profile cyber attack this year is WannaCry, which spread across the globe and severely impacted parts of the NHS. Attacks like this have been happening for years, but unfortunately we are either quick to forget, or simply don’t learn from past experiences. After all, the recommendations remain the same.
“All companies, big or small, must adopt a ‘patch early, patch often’ mantra. A regular review of system settings is needed. Also, don’t forget to disable unnecessary services open to attack. It is inevitable that hackers will, at some point, breach a network. In this case, ‘data aware’ technologies can prevent them from snatching sensitive data. Keeping customer data safe doesn’t take a huge investment, it just takes a smart one.”
Cloud server misconfigurations: Eduard Meelhuysen, head of EMEA, Bitglass
“A number of recent data exposures have stemmed from simple cloud misconfiguration errors; take the Dow Jones and Verizon incidents, for example. There’s an important lesson to be learnt from these incidents: organisations can’t abdicate all responsibility to cloud service providers once migrated to the cloud.
“Businesses need to realise that, although cloud services can be secure, it is the responsibility of those using them to ensure the services are configured in a secure fashion. Negate the risk of human error by looking to technology to quickly, easily and cost effectively ensure appropriate configuration of cloud services and encrypted company data en route to the cloud.”
Risky smart devices: Barry Shteiman, director of threat research at Exabeam
“Companies need to consistently learn and revise security postures with each new technology wave. The latest big shift in the state of play is the introduction of internet-connected devices in business networks. As more devices become ‘smart’ and internet-enabled, they are often given the ability to send, query or process corporate information.
“Hackers are able to use these devices – usually left unmonitored – to break into the network and steal company data. Security teams should add behaviour monitoring to their arsenal, as it is the best way to illuminate this attack risk. By understanding the normal behaviour of IoT devices, it’s possible to spot a ‘highjacking’ early on. IoT will grow and gain greater access to data; already a lucrative target for cyber-bullies.”
Recognise the real and present danger posed by employees – a topic discussed on the next page
The insider threat: Tony Glass, GM and VP EMEA of Skillsoft
“Whilst employees are often considered to be an organisation’s most precious asset, they can also cause the biggest problems. Alphabet, Google’s parent company, filed a lawsuit against former engineer Anthony Levandowski, who now works with Uber. The company accused him of copying over 14,000 internal files and taking them to his new employer. While the case is far from over, it illustrates the real and present danger posed by employees – the insider threat.
“It has to be said that not all threats posed by employees are malicious. In fact, many are silly mistakes – like clicking on a URL in an email that leads to a phishing attack. The key is education. Staff actions can lead to catastrophic outcomes. By giving them the skills and knowledge needed to protect the organisation against potential threats, businesses can relax, knowing that good cyber practice is being adhered to.”
The issue of MSP: Jon Lucas, director of Hyve Managed Hosting
“Many organisations struggle to keep up with methods used to protect against vulnerabilities. Managed service providers generally make excellent tutors, providing education on real-time network threat awareness as well as methods for preventing intrusion. But as we’ve seen this year, data breaches can occur as a result of the third party’s failings.
“Businesses looking for best in class defence against outside threats should do research to ensure a managed service provider is the right security partner. This includes ensuring the MSP has a proved track record when dealing with attacks of varying kinds, can deliver the most innovative security solutions and can adhere to strict service level agreements.”
Digital transformation and the Elastic Edge: Ryan Allphin, CTO of Cradlepoint
“In today’s emerging connected enterprise, the network extends beyond the traditional fixed location boundaries to span the Internet, connecting everything from kiosks, sensors and cameras to digital signage, and vehicles. For many of us, work is no longer a destination, but something that can be done from any device, anywhere.
“From a convenience and productivity perspective this offers many advantages. From a cyber security perspective, it’s a different matter. What’s needed is a network with an Elastic Edge; one that’s fit for purpose for today’s lean, agile and connected enterprise and that puts security, visibility and analytics at its heart. Organisations need to keep customer and company data secure by looking at the foundational building blocks of network security.”
Getting an F in cyber security can be detrimental to business. With hackers becoming smarter and more resourceful than ever, IT teams must revise their cyber security policies, and ensure that they are well prepared for the security tests to come as the second half of the year unfolds.