Cyber security remains a leading concern for business leaders and IT management around the world. The growth in risk vectors, the way a business can be compromised, and the volume of attacks means no business large or small is safe. For example, breaches hit two out of five UK firms last year, and the trend continues to rise.
Cyber criminals can reach anywhere, given just one security vulnerability. From the computers managing giant cargo vessels on the oceans, into your directors’ smartphones or access any networked system on the planet. All of which means every business has to be on their guard against threats.
When it comes to mitigating cyber security risks and developing threat intelligence, all companies need knowledgeable, dedicated teams. Businesses must partner with expert protection services to help manage the risks, educate workers and protect business data, wherever it resides.
What are cyber threats?
IT management doesn’t have to look far beyond the mainstream media and dedicated IT press to witness a constant stream of attacks on business IT infrastructure. Efforts to compromise systems, disrupt business and steal data are growing in number.
Popular attacks include data-napping, where the company has their information (for example, customer records, key documents or strategic assets) encrypted and held hostage. They pay a ransom to recover it, or must go through a costly and time consuming recovery process, if they had suitable backups in the first place.
Due to the automated nature of most hacks, any size of business is vulnerable. With state-developed spying tools leaked into the wild, the stealthiness of newer attacks makes them harder to spot, making IT security increasingly important.
Hacking tools and scripts freely available on the darknet let any would-be criminal launch disproportionately powerful and wide-ranging scans. These look for weaknesses in a wide range of IT infrastructure including servers, PCs and printers, with network routers being a favorite.
While they form the main threat, they shouldn’t overshadow more obvious threats. From disgruntled employees, competitors and professional thieves that may target a particular business for specific data, there are other risks to consider.
What is cyber threat intelligence?
For a business to defend itself against these attacks, awareness is key.
The majority of information to fuel this awareness comes from a wide range of cyber threat intelligence sources. IT departments need at least one person or team monitoring web security news, while also educating the business on the latest threats and how to deal with them.
Intelligence can come from IT providers, security solution vendors, online IT news and other sources. Governments, independent consultants and vendors provide a range of useful resources, including:
A key part of any cyber security role is to ensure that company servers, desktops and cloud applications are patched and up to date to mitigate the latest threats. EU companies should also have a General Data Protection Regulation (GDPR) officer whose role is to ensure business data is compliant with this recent legislation.
For a better idea of the cyber threat intelligence market and to talk to experts from around the world, consider attending events such as the Cyber Threat Summit in Dublin, Ireland taking place in October or the Cyber Security Summit, taking place across the US.
How to prevent cyber threats and intrusion
Any business with IT assets requires a full suite of protection to prevent digital break-ins and data theft. These start at the network endpoints, wherever your business meets the world. If your website is hosted internally or on a cloud server, it needs to be fully patched and protected. There are a wide number of security settings that need to be enabled and server options turned off to prevent misuse or fraudulent access.
All corporate mobile devices need to be protected and data stored remotely needs to be carefully managed and monitored. Unwanted or unused network ports and sockets need to be disabled to limit the ways that threats can breach a company’s defenses.
How to detect cyber threats
While early hacks used to create lots of noise, modern hackers are silent, almost invisible. They leave little obvious sign of their presence on a network. The majority of cyber breaches are only noticed after the fact, often when a business is told that its confidential data is being sold online, or if a blackmailer contacts the company.
To detect threats, businesses need to be equipped at several levels to defend itself. They need the latest malware detection and security tools installed across the business on every network and device.
Within the office, internet connections must be firewalled, protected against viruses and malware, and have network security anti-intrusion software installed. These tools will prevent access and monitor for:
- Unusual activity
- Files that may arrive by email
- Files that are brought in by users on memory sticks
- Websites that employees visit, which may contain malware payloads
Key to preventing threats is educating employees about the risks they take in visiting unauthorized sites. Guidelines about sending or receiving files using third-party services are also vital, and employees need to be taught about signs to look out for in phishing emails and other common digital fraud tricks.
How to protect against cyber threats
Many businesses plan for fire, theft and other emergencies with disaster plans and business continuity strategies. But digital fallout should also be part of the company’s planning. As well as proactively monitoring against threats, the business should expect some breach in the future.
A digital and cyber threat recovery plan is essential, given that a breach is likely if not inevitable. To protect against data blackmail or heists, current, secure backups need to be taken of all business-critical data on a daily basis.
During recovery tests, measure how long it will take, and how much it will cost, to get back up and running and factor this into your disaster prevention plans. Factor in the costs of data loss or business down time, and consider extra investment in IT security where needed.
Businesses also need a PR plan if they are hacked or data is ever leaked to the public. IT leadership needs to have people trained in what to say and how to phrase the issue to prevent greater reputational damage.
Any business yet to be hacked is either lucky, or very well protected. Don’t let yours become one of the sad statistics. Do note that the cybersecurity industry exists to sell services and products. Consider independent reviews like AV Test and read posts from security experts like Kevin Beaumont to truly understand the latest threats.
For more research and statistics about the current state of IT, click here.