The evolving cybersecurity needs of organisations across the UK
Pekka Riipinen, Director of Cyber Security at Crayon, takes a closer look at the changing cybersecurity needs of the UK’s businesses.
The Ponemon Institute’s 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses study found that more than one-third (39 percent) of small and medium-sized businesses don’t have an incident response plan in place for responding to data breaches and cyber-attacks. However, an increasing number of organisations (of all sizes) are waking up to the reality that the growing prominence of online threats has made investment in mitigation strategies not only necessary, but inevitable.
However, more investment into cybersecurity translates into more demands on suppliers, providers, and partners. Because many companies lack adequate strategies and tools in-house, they depend on partners to be anything from trusted security advisors to managed security service providers.
Today, these internal and external pressures are forcing organisations to recognise how rapidly their requirements can change in an evolving cybersecurity landscape. Let’s examine some of the key change vectors and how businesses can respond.
One key shift in the modern corporate security environment is the emergence of modern ransomware and business email compromise attacks that are mainly financially motivated. The success of this extortion has led to an increase in both the rate and sophistication of such attacks.
The nature of the threats that follow data exfiltration has changed from company information being withheld until payment is received to company data being released unless payment is received. Attackers identify the channels where a mass data release would inflict the greatest possible damage to the target company. Withholding data bets the attacker’s financial reward against how long a target company can go without anyone having access to data. The threat of publishing leverages how long the company is willing to wait before the media, shareholders, regulatory bodies, company clients and the general public know who has their data.
This has made the threat of cyberattack more common for all industries as attackers have established that compromised corporate data can be monetised. For example, financial reward is extorted by demanding ransom payments in exchange for not publishing sensitive information through channels that would greatly damage the targeted company.
Another shift is signalled by the fact that modern hackers are increasingly targeting service providers to compromise several organisations all at once, as gaining access to one environment can also yield the keys to customers’ networks. Similarly, a successful attack compromising an important supplier or vendor, a so-called supply chain attack, can lead to great yields for the perpetrators, as it could offer them access to a massive amount of sensitive corporate data and networks. Mitigating these threats poses new challenges for the business of today.
Additionally, the migration of files, applications, and workloads to the cloud creates new risks and a variety of security challenges for businesses. While organisations can certainly migrate to and operate in the cloud as securely as on-premises, there is a clear responsibility model between businesses and their cloud providers. This means security in the cloud depends heavily on the cloud customer, who needs specific knowledge about the platforms and services being consumed to be resilient. Unfortunately, this knowledge is not always present.
Responding to change
Businesses across all industries must place security at the top of their priorities, and technology organisations often have customers depending on them to secure their own environments and the workloads they use.
Making any environment safe begins with knowing what is in it and understanding how it works, so nothing is preventing organisations from ramping up their cyber security defences. All that is required is investment and an approach in which security is considered in the same vein as quality. This approach should be embedded in the full lifecycle of services and products, from design and build to operations and retirement. Investing in cyber security can pay back in many ways, from higher business resilience and faster time to market while maintaining quality, to new business opportunities.
Ultimately, the benefits of installing the right cybersecurity defences are two-fold: enhanced risk management and a competitive advantage over industry peers that are yet to do so. The basic principles of good cyber security have not changed despite the growing number of attack surfaces and the evolving sophistication of hackers. Therefore, all organisations should recognise the need to improve their resilience by upgrading their solutions, hiring the best cybersecurity talent, and urgently implementing policies and training for their employees.
Business leaders cannot fully trust in the prevention or avoidance of any attack, so there is an urgent need to have the right plans in place to cope with the changing requirements of businesses, forced by today’s changing security landscape.