How cyber security management is like an onion
Why is Cyber Security Management often compared to a common garden vegetable – the onion? Maybe because managing cyber risk can be a bitter experience and even make you cry? True perhaps, but the main thing that cyber security management and an onion have in common is LAYERS.
We’ve all heard the buzzwords these days around network security – ransomware, crypto viruses, spam, scams, phishing, social engineering. They are hard to miss - they are on the news, on the radio and in newspapers. Stories of companies being hit by cyber-attacks can dominate the headlines. Usually it’s a big multinational, well-known brand; think Facebook, Yahoo, eBay, JP Morgan Chase. But the less well-known, mid- and lower-tier companies are now more at risk than ever. Breaches at these companies just don’t sell as many newspapers, so they are less reported on.
If we look at the data, attacks on SMEs in particular are on the rise due to a lack of awareness around cyber security and limited budgets. According to the Verizon Enterprise 2018 DBIR, 58% of malware attack victims are categorised as small businesses.
So if you are an IT manager or a business owner in the SME sector, what are you currently doing to help prevent a cyber-attack? Maybe you bought the latest antivirus software? Is that enough? Unfortunately not!
There is no one silver bullet solution. The key to safely securing your business from cyber-attacks is layering (thus the onion!). The more layers you have securing your network the better. Antivirus is just one such layer. Here are more we recommend:
Possibly the most important security layer on your network is a firewall. It serves as the gatekeeper between your network and the big bad cyber world out there. There are of course different types, which brings us back to the importance of layering. A standard firewall is a bit like building a dam to protect your network. The dam might hold back the bulk of the water, but holes can develop and over time enough water leaks through to cause a flood that the dam can’t hold back.
Next Generation Firewalls
Thankfully, firewalls have become more advanced than being just a blunt instrument. Next Generation Firewalls (NGFW) include a host of features including built-in anti-virus, web filtering, SSL inspection and more, putting many layers between your network and the internet. An NGFW can help detect, analyse and reject threats intelligently before they even get to your network. But don’t be fooled into thinking an NGFW alone solves the problem!
40% of users don’t upgrade software when prompted. 87% of corporate computers are missing critical updates. These are just some of the stats around the importance of regular and timely patching. Some of the major breaches in recent times, such as WannaCry, gained entry to networks through exploiting a weakness that wasn’t patched. As soon as a new patch is announced, the criminals move fast to exploit the weakness in the knowledge that users are slow to initiate patching. Timely and fast patch management is critical to being cyber secure.
Secure Offsite Repository
Most businesses know they need to back up their data and systems regularly. However, they frequently use machines and systems onsite to store their backups. Nowadays, these machines are no longer entirely safe and secure, rendering the backups vulnerable. Offsite storage of files, data and also critical server operating systems, applications and configurations adds an additional layer of security and ensures a business can get back up and running after an attack safely and quickly.
Two Factor Authentication
2FA is a feature of Office 365 which many users don’t avail of. With 93% of malware delivered via email, 2FA is another critical component in securing accounts. Accounts that have been set up to use 2FA will require an extra check, so even if a criminal knows your password, they won't be able to gain access. This is reassuring given many users don’t choose strong enough passwords and re-use the same password across accounts.
The importance of ongoing monitoring of cyber activity in a business network cannot be overemphasised. Identifying threats before they do damage is as important as being able to fix the problem afterwards, and involves less cost and disruption. Some forms of malware can bypass firewalls or gain access via an unpatched vulnerability and then lie dormant in a network, evolving over time. Ongoing and continual monitoring identifies threats that could potentially activate at any time.
Nowadays, IT managers and business owners may realise the importance of Cyber Security, but not all are sure which path to take to secure their business. As discussed, there is no quick fix or one solution which fits all. Remember the onion - you need the layers to protect the core. One layer, or even two or three, can be penetrated as cyber criminals continually discover new ways to get in.
Our first recommendation in this series of cyber security blogs is:
TAKE THE ONION APPROACH AND ADD THE LAYERS