By Rory Young, Portfolio Manager: Support & Enabling Services at T-Systems South Africa
Many researchers now estimate the scale of the global cybercrime business to be greater than that of drug trafficking. Kaspersky Labs’ recent survey revealed that 9 out of 10 companies have already been a target of cybercrime, in some shape or form.
Many of them may not even realise their defences have been breached.
The cybercrime industry is certainly evolving. It’s now characterised by sophisticated, multi-level attacks, carefully coordinated to achieve a specific aim – usually the theft of data or money. And the stakes are getting higher: As more and more of an organisation’s value now resides in the data and the digital assets that it owns, breaches can become catastrophic. Attacks can ruin reputations and empires literally overnight.
As we see headline stories of large companies becoming targets of cyber-attacks, and as regulatory bodies struggle to keep pace and protect corporates and consumers alike, many companies simply don’t know where to turn.
The reality is that these globally-connected cyber-attacks require globally connected and seamlessly integrated cyber defences. An organisation needs to ensure the protection of its entire threat landscape, across all of its operations. Approaching enterprise security as discrete portfolios – like firewalls, VPNs, access management, encryption, and so on – will simply no longer work in the face of globally-coordinated cyber-criminals.
Coordination across business areas is crucial to achieving a solid security posture. Every user, in every corner of the organisation, should be aware of cyber-crime and educated on the ways to reduce their ‘attack surface’.
With the internal approach correctly addressed, organisations can now look externally:
“Know thy self, know thy enemy. A thousand battles, a thousand victories.” These ancient words from Chinese military strategist and philosopher, Sun Tzu, are perfectly applicable to modern cyber-defence.
Organisations need to understand who is likely to target their business, and why? Have there been any previous attacks, and what was the modus operandi? What has been the nature of the attacks on similar organisations? Armed with this knowledge, security professionals can execute a risk-based approach to defending the business – funnelling investment in the best ways to drive down risk and ensure that the most vital digital assets are given priority attention.
Getting to this point of multi-layered, connected security requires complete collaboration across the enterprise, and the counsel of experienced security partners that have successfully shored-up the defences of other large organisations.
There is no way that any one individual can foresee every potential issue, so strong partnerships become crucial in understanding blind spots and minimising risks as far as possible.
Despite all this, the nature of the beast is that no security solution is 100% secure. New threats and risks emerge on an almost-daily basis, and human beings remain the weakest link in the chain. As the millennial generation brings fresh new ideas into the workplace, they also bring a more blasé attitude towards data privacy, and low tolerance for anything that inhibits access and freedom.
Wantonly applying rigorous security restrictions to every process or service within the business draws the ire of this generation, and could well stifle an organisation’s ability to integrate effectively with others, and benefit from new digital ecosystems.
The battle against cybercrime remains an ongoing one. The types of attacks, and the technologies used to fight them will change as time passes. But the fundamental principles of remaining alert to threats, having organisation-wide visibility, being proactive, and being pragmatic, will always apply.