The War Against Cybercrime: Are You Doing it Right?

The fight against cybercrime is a constant battle for any business, large or small. Hackers are always looking for holes in your defenses they can use to invade your systems, steal data and cause havoc.

Yet it's getting harder all the time to combat these intrusions. Cyber criminals are becoming more organized and sophisticated than ever. While their main motives are to make money - with financial goals making up 86% of all breaches - the methods they use to achieve this vary widely.

For example, a few years ago, no-one had ever heard of ransomware, yet it's quickly become one of the most popular tactics for hackers looking for a quick payday. These attacks are relatively easy to launch and can cause huge disruption to businesses that may often feel they have no choice but to pay up.

To win this war, you need to treat it like a military campaign. This means effective prior planning, ensuring everyone knows exactly what they're supposed to be doing and having the ability to take swift, decisive action at a moment's notice.

Here are four elements of your strategy that must not be overlooked.

Step 1: Know your battleground

Terrain is everything when it comes to winning a battle, so it's vital you understand exactly what ground you'll be fighting on. This means identifying any choke points, covering off your flanks and making sure you've got a good vantage point that lets you see everything that's happening.

When it comes to your network, you need to be aware of any potential weaknesses that could be used as a point of entry. Today's firms have more endpoints than ever, including a wide range of remote connections, mobile devices and Internet of Things sensors that could expose you to hackers.

To spot these vulnerabilities, you need to do your reconnaissance. For example, one solution is to undertake a penetration test, where a white hat hacker will try to break into your network using the same tactics and techniques a criminal would. This can give you valuable information about where you need to focus your efforts. However, there are a few things you need to do first to prepare for these activities.

Step 2: Choose your weapons

You can't go into battle without the right equipment, but if you're still defending your network with outdated solutions such as legacy antivirus software and old-fashioned firewalls, you may as well be facing off against a tank armed with only a spear.

For example, traditional antivirus software won't be able to detect the new generation of fileless malware favored by many hackers. Therefore, you need more advanced next-generation antivirus solutions that can take advantage of technologies like artificial intelligence and machine learning to spot unusual activity in real-time.

The same applies to areas such as email security. Traditional email gateway defenses may not be able to stop phishing attacks that aim to trick people into downloading malware or handing over valuable data. But next-generation, AI-driven defenses can analyze a user's inbox directly in order to flag up anything out of the ordinary.

Step 3: Ready your troops

No matter how advanced the weaponry you have, it’ll ultimately be up to your soldiers to use it effectively - and make sure they aren't putting the battle at risk by making poor decisions.

Your employees are your frontline troops in the war against cybercrime, and as well as equipping them with the right tools, you need to make sure they're fully aware of how to use them and have the right discipline to succeed in the field.

According to one analysis, up to 90% of data breaches are the result of human error - and this often occurs outside the IT department. Therefore a thorough, ongoing training program is essential to your success. This involves ensuring people know how to look out for common social engineering tactics such as phishing and ensuring they're following best practices when it comes to areas such as choosing passwords and logging in remotely.

You also need to make sure this is sinking in by using activities such as phishing simulation tests to see who's been listening and who needs to go back to boot camp.

Step 4: Have a plan B, C and D

It's an old saying that no plan survives contact with the enemy. Sooner or later, the enemy is going to launch an attack, and despite all the mitigation and preparation you've done, you can never be sure that your defenses will be able to repel it.

It's therefore vital you have contingencies in place for what happens if your walls are breached. This starts with a strong, pre-prepared response plan that sets out what everyone's responsibilities are. This should include activities such as triaging to understand the scope and severity of the incident, an investigation strategy and mitigation steps.

This should cover as many contingencies and 'what ifs' as possible. For example, if you're hit by ransomware, you need to know how quickly you'll be able to get backups online, and how comprehensive they'll be.

You should also know how to isolate infected systems before threats can spread further, and make sure there's a clear chain of command so employees know who to report to at all times.

As in any battle, there are a lot of elements that have to work together to secure victory. Planning, training, equipment and a little luck are all required to win the day. But with the right preparation, you can give yourself the best chance of defeating the enemy.