How can I be sure I’m investing in the right cyber security to protect my business?
Cyber security is one of the hardest things to get right in your business. The tools and methods cyber attackers use – and their motivations – change so rapidly that it’s hard to know what’s going on. And, of course, they only have to be successful once to have a devastating impact on your business. You have to be on top of things all the time.
In an ideal world, you’d have all the latest, shiniest tools and cyber security experts to protect your business, but money, of course, isn’t infinite. You have to allocate your finite resources to the places where they will be most effective. In this article, we’ll show you how to do it. Let’s get started.
How cyber threats have evolved
If you think you’re covered because you invested in a great cyber security setup a few years ago, think again.
While the threats you guarded against in the past still exist, new cyber frontiers have opened up that traditional controls cannot counteract. Your endpoints (devices, networks, etc.) aren’t the focus for cyber attackers anymore. Rather, it’s your identity and information stored in the cloud that they want to get their hands on. Advanced hackers will use a multi-stage approach to quickly monetise the information, in a tactic known as ‘triple extortion’:
- Ransom to decrypt your files
- Extortion to prevent the public release of your information
- Direct extortion of your data subjects (people in your information) to prevent the public release of their information
If that wasn’t enough, the tools cyber attackers can use have improved in power and capability in recent years. AI has put enterprise-grade hacking tools in the hands of anyone who wants them, for example, helping attackers craft phishing emails that look more plausible than ever, making it more likely that one day, one of your staff will click on a link they shouldn’t. Thanks to these tools, anyone can be a cyber attacker, while skilled cyber criminal groups across the globe can offer hacking-as-a-service.
With powerful AI-powered tools and more opportunities to monetise stolen information, no job is too small for a cyber attacker. It’s why cyber crime is now a $10.5 trillion industry. If cyber crime were a country, only the US and China would have bigger economies (1).
Every company is a target, whether you’re a microbusiness or a multinational. Even the smallest businesses hold data that hackers can make money from, especially in the highly-prized financial and legal sectors. The cloud-based solutions you use are convenient for you, but also prime targets for attackers. You might think your employees are smart enough that they won’t click on suspicious links, but one day, they might – and attackers only have to be lucky once.
This means you need to get your cyber security setup back up to speed, whatever that takes.
AI for the good guys
There’s no silver bullet to protect your business from a cyber attack. Indeed, preventing security breaches completely is near impossible. The best you can achieve – and the goal of cyber security today – is to prevent or minimise the effect of cyber events. It is, therefore, critical to spot a potential breach early enough for you to take steps to respond.
Preventing unauthorised access is ideal wherever possible. The key to this ability is to have complete visibility over what’s happening across your IT environment, with an early warning system that alerts you if something unusual is happening. By detecting and responding quickly, you interrupt the cyber attacker’s process and kick them out before the damage is done.
In the same way as we’ve discussed how cyber criminals are using AI to become more effective, AI can be used to help safeguard your organisation through the early stages of a breach. AI has put capabilities that were previously only available to the biggest enterprises within the reach of small and medium businesses. For example, while you might not be able to stop an attacker from infiltrating your network through the cloud, AI-powered tools can help you identify unusual patterns in access that could indicate potential cyber criminal activity.
But how do you know the best way to achieve these goals in this fast-changing cyber security landscape?
Understanding your security posture
When you understand how breaches can unfold in your organisation, it’s easier to spend your money in the right places. AI has made enterprise-grade cyber security tools cost-effective for SMBs, but simply throwing AI at the problem won’t solve anything. As we wrote in a previous article, you need more than the latest tools to block attacks.
Firstly, understand what kind of people are likely to be targeting your organisation. Cyber criminals can target your business from anywhere in the world. They’re highly unlikely to be in your time zone. And they don’t sleep. In fact, cyber criminals like to hit businesses at times when they’re unlikely to be on full alert, such as the middle of the night or the Christmas holidays. Therefore, you need to have a system in place that protects your IT environment 24/7/365 and be ready to take action whenever something happens.
Next, look at the methods cyber criminals use to get into your networks and steal your sensitive data. Giving yourself the best chance of detecting and preventing a breach means looking in all the right places at each step of the ‘cyber kill chain’ – the stages of a cyber attack and your opportunities to stop it. For most businesses, monitoring every single part of their IT environment is unaffordable, but by understanding how attackers might be able to get in (your vulnerabilities), you can take steps to fortify your defences.
Tools aren’t a guarantee of cyber security success, but it’s helpful to know what tech is out there and the outcomes it can produce, particularly if you haven’t added to your cyber tech stack for some years. Old cyber is now new cyber:
- Anti-virus > EDR – Anti-virus only looks for recognised ‘patterns’ or ‘signatures of known viruses. Endpoint Detection and Response (EDR) is a tool that looks for suspicious activity from any file. EDR also includes a response capability, allowing issues to be audited, contained and remediated
- Patching > Vulnerability management (VMS) – It’s still important to install software updates promptly as soon as they’re released. However, you should also use VMS to regularly scan for other vulnerabilities (or missed patching), so you can address issues proactively
- Secure passwords and MFA > Defender For Cloud Apps – Multi-factor authentication is not the silver bullet that guarantees everyone who can access your system is who you think they are. In the old days it was having a good password and enabling MFA. That’s not enough anymore. You need to monitor the behaviour of user logins and how they access data
Finally, remember that while cyber attackers are more likely to try to steal your data than anything else, old threats like malware and ransomware still exist. Don’t ignore these more simple threats just to focus on current and emerging threats.
With this four-fold approach, you can ensure you get the most out of your cyber security budget and give yourself the best chance of protecting your business.
Get cyber smart with Doherty Associates
The view of cyber attackers operating alone in a basement wearing a hoodie just isn’t the reality anymore! Cyber crime is a massive economy, with organisations operating out of glass-fronted offices with salaries, sales targets and HR benefits. AI has made techniques like spear phishing more effective than ever, making everyone a target, not just big businesses. If you’re trying to fight today’s war with weapons from ten years ago, you’re likely to lose.
However, by gaining an understanding of how cyber attackers work, investing in the right tools, and running a 24/7/365 monitoring and countering operation, you have the best shot at protecting your business.
Keeping up to date with the latest developments in cyber security can feel like a full-time job in itself. Budgets are tight and time is scarce. So, how do you balance your other business priorities with keeping cyber attackers at bay?
At Doherty Associates, we help organisations with both the big picture and the practical aspects of cyber security. We can help you develop a strategy that enables you to manage your environment effectively and protect against the latest threats before they can take root. We also help with:
- Setting up conditional access and detective controls
- Ensuring you’re supported 24/7/365
- Assisting with day-to-day governance, compliance, and regulatory matters relating to your cyber and information security
For guidance in developing a broader and more robust cyber strategy, visit our cyber security page.
Sources:
1 – Bloomberg – The World’s Third-Largest Economy Has Bad Intentions — and It’s Only Getting Bigger
We’re here to help
If you want to achieve better outcomes for your business through a more intelligent use of technology, talk to us.
Contact us