The Cyber Security Breaches Survey 2016 released this week reveals some interesting statistics about the state of the UK cybersecurity landscape. Predominantly, the report shows that a massive 65% of large firms detected a cybersecurity breach or attack in the last year; with 25% of these experiencing at least one breach per month. Perhaps more shocking is that only half (51%) of all businesses have attempted to identify the cyber risks faced by their organisation, meaning that the other half is unaware of any potential threats.
And these threats are endless. Modern working practices have come on leaps and bounds in the last few years, accelerated by rapid changes in technology. Principally, applications and data networks have changed as applications can now be shared anywhere, on a vast range of devices, and the intricate web of ecosystems involving partners, customers and third-party consultants means more data than ever is constantly shared, and therefore constantly needing to be kept secure.
So, it’s not to say that cybersecurity is easy – in fact, it’s becoming increasingly difficult. But as a result, hacking is becoming far too easy and breaches are occurring much too regularly. All too often, hackers are able to penetrate the supposedly secure network perimeters and find their way into the most sensitive parts of an organisation’s infrastructure. However, when hospitals have to protect confidential patient data, retailers have to keep credit card and customer records secure, and educational institutions have the task of keeping a vast range of critical student data under lock and key, there really is no room for error.
But what can security managers responsible for these organisations do to keep the hackers out once and for all? It’s natural to jump to the mind-set of protecting your organisation from ever having to deal with a breach; breach protection strategies are still important and when faced with the average cost of £36,500 to deal with a breach, it’s no wonder businesses want to avoid them. However, the changing security landscape, employee behaviour and technology available means that it’s not a question of if a breach will occur, it’s of when.
Instead of focusing mainly on keeping the bad guys out, organisations need to turn their attention to containing a breach and limiting attacker access once the firewall has been compromised. This involves restricting attacker movement to a defined segment of the application environment to stop the hacker in their tracks once they’ve broken down the security at the perimeter.
Breach containment strategies, such as crypto-segmentation, involve segmenting the network not at the infrastructure layer, but at the business application layer. Furthermore, the use of crypto-segmentation means that BYOD, remote working and cloud computing no longer have to be considered as security issues; instead, these initiatives can be thought of as business opportunities rather than hindrances.
It’s clear that changes need to be made. And with UK consumers gaining the title of the biggest internet shoppers in Europe – how much longer will businesses wait before putting the necessary cybersecurity strategies in place?