FEATURE
www.intelligentciso.com | Issue 09
Nik Whitfield, CEO, Panaseer

Looking back over the last year, some could argue that it has been an unremarkable year for cybercriminals, given the lack of any mega-attacks such as the high-profile WannaCry and NotPetya ransomware attacks of 2017. However, it is important to note that cybercriminal and nation state hacking groups have not disbanded – if they are meeting their aims using covert tactics and existing techniques, why deploy new ones? Instead, they have most likely been developing new techniques, which they can deploy as defences are strengthened.

Fail to prepare, prepare to fail

Organisations need to be prepared for both similar and more sophisticated attacks in 2019. The overriding priority must be taking measures to make the business secure. Security doctrine has for years advised a layered approach – think of the many layers of onion skin protecting the core.

However, by focusing solely on the outside, many companies' security is more like an egg – hard on the outside, soft and mushy on the inside. If WannaCry or NotPetya had used a more effective means to breach an organisation's perimeter security, the impact would have been truly catastrophic.

The advent of EU GDPR has made preparation even more crucial. Given that 2017 set a world record for the number of data breaches, and that GDPR makes it mandatory to report a breach within 72 hours of becoming aware of it, it has never been more important to have a clearly defined plan to reduce both the likelihood and the impact of being breached.

Organisations aren't preparing in vain – in 2017 the total number of breaches and the total number of records exposed each jumped by 24% over 2016, and both figures are on an upward trajectory. There are clear financial implications as well – in 2018 the average data breach fine increased to £146,000.
The issue is compounded by the fact that most companies are not aware that they have been breached until several months, or even years, after the event. This is because there is usually no immediate impact on the company (with the exception of some newer kinds of breach, such as ransomware). Cybercriminals frequently hold stolen data for a long time, then offer it for sale to other criminals when it becomes valuable.

As no company can be 100% secure, there must be clarity on acceptable levels of risk and investment in the fundamentals of cybersecurity. Knowing, on any day, what assets you're protecting, how they're controlled and how they're