53% of mid-sized companies globally have experienced a cyber attack in the past year, according to Cisco’s 2018 Small and Medium Business Cyber Security report.
While these might seem like startling statistics, they shouldn’t be. In fact, the real number may actually be higher, because not all companies detect – or admit – that they have been breached. Hackers also are getting much better at disguising their attacks so they can remain undetected for longer periods of time and extract more data
Cyber attacks in 2018
There are many examples of cyber attacks that can cause real damage. Just a few months ago millions of organisations were affected by VPNFilter, which attacked routers, network-attached storage devices and network switches by collecting data, stealing credentials, executing and overwriting files, and taking over devices. And that’s just one example. Other damaging attacks during this calendar year have included the FBI Virus, the Meltdown and Spectre attacks, GandCrab ransomware and cryptojacking in general.
There is no doubt that cyber thieves are getting craftier. As soon as one attack is quashed, another type arises. Some of the newer types of threats include those that avoid user interaction (such as last year’s WannaCry and Nyetya), the injection of work capabilities in malware to extend the threat beyond the intended network, and the ability of some hackers to leverage users’ own programs to spread infections.
How can cyber attacks affect your business?
These attacks can be quite damaging to a company in many ways. For one thing, they are expensive; 29% of mid-market companies say breaches cost them less than $100K. 20% say it costs $1,000,000-$2,499,999.
This damage includes the costs of repairing systems as well as other financial losses, such as loss of revenue and customers. They can also cause irreparable damage to a company’s reputation.
Why are cyber attacks successful?
There are many reasons why companies fail to protect their data and systems. In many cases, it’s simply a lack of qualified security personnel. It’s a growing problem; research from Cybersecurity Ventures found that there may be 3.5 million unfilled cyber security jobs by 2021.
In other cases, comprehensive cyber security protection can be elusive or even fall through the cracks because of the sheer number of vendors a company is managing. Most small/midmarket businesses today recognise that as they create a more complex product and vendor environment, their responsibilities increase. In fact, according to Cisco's report, 77 percent of mid-market businesses found it somewhat challenging or very challenging to orchestrate alerts from these many solutions.
Solving the cyber security dilemma
Despite the effort, it’s crucial that companies continue to invest and improve their cybersecurity posture. It’s the only way to be able to detect and respond faster to cyber attacks, and it’s the only chance they have of staying ahead of hackers.
One choice is training existing IT staff to take on security roles. It’s also important to create an incident response team that can develop a structured response to security incidents after an incident has been detected. In addition, all companies should develop policies for dealing with the fallout from cyber attacks. These plans should cover not only data backup and incident response, but how to deal with breaches from a public relations and legal perspective.
Companies also should strongly consider reducing the number of cyber security vendors they have to deal with and manage. According to research from ESG, 62 per cent of companies are actively doing just that. In most cases, it’s because they want to improve operational efficiency and become more effective against new threats. It’s also less expensive, because each product has its own cost, operational complexity and management issues.
Re-evaluating security tools and architecture
The vendor and product consolidation process also is an ideal time to re-evaluate security tools and adopt a comprehensive security architecture.
This reduces complexity and improves cyber-health in general and, most importantly, will automate as many security-related processes as possible. Automating prevention, detection and response capabilities achieves several goals; not only does it reduce the need for skilled cybersecurity professionals, but it helps ensure that nothing falls through the cracks. It also seems to work; according to the Cisco survey, 81 per cent of security professionals say they rely on automated solutions to some extent.
How AI and machine learning can improve cybersecurity
Forward-thinking companies also are leaning toward cyber security tools that incorporate artificial intelligence and machine learning. AI can be used to help recognise patterns, detect unusual activity, and transform unstructured text into structured intelligence.
Machine learning is the ability of a system to “learn” what’s normal. Once it understands what’s normal, it can more easily flag anomalies or malicious behaviours. Together, they can help stem cyber attacks by capturing and analysing millions of data points quickly. With these tools embedded in a cyber security solution, for example, a system can “learn” from past attacks and apply that knowledge to predict imminent or future attacks.
Adopting these modern technologies doesn’t necessarily mean throwing out existing tools, some of which remain valuable defences against cyber threats. An experienced vendor or integrator can integrate existing tools with a newer security architecture to provide the best protection for your company.
A final recommendation to drive improvements in cyber security is to recognise that incremental change is better than no change. In short, businesses should not let a desire to be “perfect” in their security approach get in the way of becoming “better.” Perfect, as in all things, does not exist. Small/midmarket businesses also must understand that there is no “silver bullet” technology solution to solve all of their cyber security challenges. The threat landscape is too complex and dynamic. The attack surface is always expanding and changing. And, in response, security technologies and strategies must continually evolve as well.
About the AuthorFollow on Twitter Follow on Linkedin More Content by Hazel Burton