The Government has released a survey detailing business action on cyber security and the costs and impacts of cyber breaches and attacks. This comes hot on the heels of yesterday’s report on cyber attacks from the British Chamber of Commerce. IT security experts from Cylance, Imperva, FireMon, Synack, Lastline, Corero Network Security, Tripwire, NuData Security, Digital Guardian and Bitglass commented below.
Anton Grashion, Managing Director-Security Practice at Cylance:
Amichai Shulman, CTO and Co-Founder at Imperva:
Paul Calatayud, Chief Technology Officer at FireMon:
British businesses need to realise there is an entire global cyber criminal economy that out-earns the illegal drug industry in terms of revenue. And as such, cyber programs need to wake up and adapt into a detect and response approach that places equal investments in prevention as it does detection of hackers.”
Phong Le, manager at Synack:
Marco Cova, Senior Security Researcher at Lastline:
- Companies should help customers enforce safe password practices
- Companies should keep customer credentials safely encrypted such that if they are compromised at some point, the damage to their customers is at a minimum, whether that threat comes from the inside or the outside of the organisation
- Remaining vigilant in enterprise-wide patch management to keep all application and operating system patches up to date is crucial
Companies should also ensure a comprehensive malware defence strategy which uses behavioural analysis of files versus the first-generation method of signature-based identification. Signature or hash based identification is becoming obsolete by the malware development community’s ability to iterate on variants faster than the malware databases can keep up. These new innovations in malware allow this environment-aware code to lie in waiting for long periods of time, within the enterprise, until such time as the attack sequence is optimal. This single trend changes everything.”
Stephanie Weagle, VP at Corero Network Security:
“While the Internet has been fighting off DDoS attacks for over a decade, these denial of service attacks are taking centre stage as the techniques have become much more sophisticated in nature. Coupled with the ease of securing DDoS-for-hire services, access to massive botnets, and unlimited motivations we are seeing a far more dangerous concoction of attacks taking down major institutions.
“This elevation of risk comes at a time when DDoS attacks continue to increase in frequency, scale and sophistication over the last year. 31 percent of IT security professionals and network operators polled in a 2017 survey conducted by Corero experienced more DDoS attacks than usual in recent months, with 40 percent now experiencing attacks on a monthly, weekly or even daily basis. To alleviate this problem, 85 percent are now demanding additional help from their ISPs to block DDoS traffic before it reaches them.
“The biggest DDoS risk factor, which was cited by almost half of the respondents (45 percent), was the potential for loss of customer trust and confidence. Lost revenues were also a serious concern (cited by 17 percent), while malware infection (15 percent) was also seen as a potential problem.”
Paul Edon, Director at Tripwire:
The top three measures a company can take to mitigate cyber risk are:
- Start by understanding the risk you have. You have to conduct regular, preferably continuous, assessments of configuration and vulnerability risk across your IT systems. The attackers will be doing the same.
- Don’t ignore the simple, best practices. Keep software up to date, apply security patches, change passwords, and make sure terminated employees and contractors don’t have access. This security hygiene goes a long way to making the attackers’ job more difficult.
- Train your employees on how to recognise a scam. Much of cyber security is about human nature and social engineering. Training must be ongoing because the attackers change their tactics.”
Robert Capps, VP of Business Development at NuData Security:
The report indicates that enterprises are more likely to be attacked than SMBs, yet defines a large company as over 100 employees. Other reports, such as Symantec’s 2016 Global Threat Report, indicate that only 35 percent of cyber attacks target large enterprises over 2500 employees. Whatever the exact breakdown is, SMBs are typically less prepared than larger enterprises, which usually have large fraud and security teams in place. Enterprises present bigger targets and are hit with different sorts of attacks. No matter what their size, all businesses should take note that computer intrusions and hacking are now a fact of life. Small or large, companies should ensure that they have appropriate incident response processes and preventative measures in place and make sure that there are no single points of failure in the response chain. All online businesses should ensure that an appropriate accounting of actions, impacts, and learnings is provided to senior management, so improvements can be instigated. Poorly managed computer intrusions lead to most unmitigated data theft incidents, such as we’ve seen in recent high profile breaches.”
Thomas Fischer, Global Security Advocate at Digital Guardian:
Eduard Meelhuysen, Head of EMEA at Bitglass: