The nature of ongoing security risks
Technology, and the innovation that fuels it, continues to advance at a rapid pace on a global scale. In every field, in every conceivable way, people are in a constant cycle of adjusting to new systems and tools while developing newer ones. This innovation trend allows us to continue to grow and use resources more efficiently than ever for our own aims. Unfortunately, not all aims are benign. As we advance further into the Internet age, a time defined by the way we use information on a global scale, the transfer and security of that information are continually tested and adjusted. In 2016, a report explained how companies that suffered a breach in security felt a decrease in customers, opportunities, and revenue of more than 20%. Nearly all those companies are attempting to be ready for the next attempt at a breach through methods including increased security awareness, risk-mitigating practices, and separating IT from security to make unique departments for both. Common causes of the breaches are poor compatibility of the systems used to defend against attacks, budget constraints, and a lack of trained talent.
Attacks continue to take advantage of any perceived weakness in defenses. Unlike in most areas, in cybersecurity and IT, having more defenses does not make a system safer. Instead, each one has its own gaps and weaknesses to exploit. Once security is bypassed through any one of those weaknesses, it is too late. Worse yet, as systems are compounded with various protection technologies or programs, they can conflict, causing more issues than they solve. Over half the companies that were included in the report had anywhere from six to over 50 different security products. And yet, some of the simplest tactics are still proving effective. One such avenue is spam, or junk email. Automated systems bombard the internet, sending out email after email. Of those emails, experts believe 8% to 10% are malicious. That does not seem like much, but when spam accounts for anywhere up to 2/3 of the emails on the net, that number is still staggering. This brute-force tactic of overwhelming numbers is still effective, since only one email is needed to cause a breach. Once a breach is established, the time to detection (TTD) is critical. A breach must be addressed and stopped as quickly as possible, but the median time ranged anywhere from 14 hours to 6 hours. Imagine all the data that could be lost or corrupted in that length of time.
Any business must keep its information safe. Financial records, customer information, even the private identifying information of employees are all critically important to protect. After a breach is made public, a company is forced into damage control to deal with not only the issue, but also the public outcry from its own supporters. More than half the organizations breached recently faced intense public scrutiny after an event. Operations and finance systems were treated the harshest, dealing with significant losses followed by brand reputation and customer abandonment. Of those breached, 22% lost customers, and nearly half of those lost a major portion of their customer base. Over a quarter of the breached companies lost revenue, with 38% losing more than 20% of their revenue. Nearly half lost business opportunities, some of them quite significant losses. The breach itself is damaging enough, but the loss of reputation can be devastating in the short term, and take time to recover from.
Quite possibly the most disturbing aspect of these breaches is that they act like an industry of their own. As technology changes, the methods used to bypass security have been just as innovative. The use of spam email is a ‘classic’ form of attack, but hardly unique or relied upon as the only method. Older methods are still used for as long as they are successful, but hacking has become more ‘corporate’ in organization and methodology. New attack methods model hierarchies with distraction tactics to mask malicious activity. While an apparent breach is being addressed, other areas of the system are less closely watched as the true objective is attacked. Other avenues are being exploited nearly as fast as companies can implement them. Use of the cloud has created opportunities, as over a quarter of new cloud solutions are categorized as being at high risk.
Mitigating risk factors
Addressing this aspect of online culture is not something that can ever be truly complete. Just as malicious individuals are continually attempting to breach and bypass security, the information arms race demands that companies and security continue to evolve and address the threats presented. Again, more systems are not a better security solution. More inclusive and comprehensive security relies upon up-to-date tools and experts knowledgeable enough to make use of those technologies. In order to create that culture, businesses must make security a priority. Executive leadership must own security and demand that it be considered a vital part of any group. Security practices must be reviewed and evaluated regularly, not simply annually with a cursory glance. Security systems are constantly tested, so having regular checks to patch and control access points becomes essential to network systems and daily operation. Security practices should be clear and defined, leaving no ambiguity in what is acceptable and what is not. Any unclear section can easily become a point of breach to exploit. Most importantly, prioritize integration and automation.
By creating a transparent security system within a company, it becomes easier to take advantage of security systems provided by companies like Teleran. Security solutions not only take advantage of the established understanding of risks, but can also monitor the behavior of both programs and users. Understanding what data is normally used by a program, when, and by whom can create a profile that exemplifies what to expect. When behavior deviates from that profile, alarms can warn of unusual activity that could signify a breach in progress. TTD becomes an issue, and companies can stop breaches in progress, instead of hours later.
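The profile-and-deviation idea described above can be sketched as follows. This is an added example, not code from the article or from any vendor's product; the program names, users, datasets and log records are constructed for illustration, and the one-hour tolerance is an assumption.

```python
from collections import defaultdict

# Constructed sample access log: (program, user, dataset, hour_of_day).
BASELINE = [
    ("billing-app", "svc_billing", "invoices", 9),
    ("billing-app", "svc_billing", "invoices", 10),
    ("billing-app", "svc_billing", "customers", 11),
    ("billing-app", "svc_billing", "invoices", 14),
    ("hr-portal", "alice", "employees", 9),
    ("hr-portal", "alice", "employees", 13),
    ("hr-portal", "bob", "employees", 15),
]

def build_profile(events, hour_slack=1):
    """Learn, per program, which users, datasets and hours are normal."""
    profile = defaultdict(lambda: {"users": set(), "datasets": set(), "hours": set()})
    for program, user, dataset, hour in events:
        p = profile[program]
        p["users"].add(user)
        p["datasets"].add(dataset)
        # Tolerate small timing drift around each observed hour (assumed slack).
        for h in range(hour - hour_slack, hour + hour_slack + 1):
            p["hours"].add(h % 24)
    return dict(profile)

def deviations(profile, event):
    """Return the reasons an event departs from the learned profile ([] if none)."""
    program, user, dataset, hour = event
    p = profile.get(program)
    if p is None:
        return ["unknown program"]
    reasons = []
    if user not in p["users"]:
        reasons.append("unusual user")
    if dataset not in p["datasets"]:
        reasons.append("unusual dataset")
    if hour not in p["hours"]:
        reasons.append("unusual hour")
    return reasons

PROFILE = build_profile(BASELINE)

if __name__ == "__main__":
    # Constructed events to score against the baseline.
    for ev in [("billing-app", "svc_billing", "invoices", 10),
               ("billing-app", "svc_billing", "employees", 3),
               ("hr-portal", "svc_billing", "employees", 9)]:
        print(ev, "->", deviations(PROFILE, ev) or "normal")
```

A profile like this is only as trustworthy as its training window: if the baseline was recorded while an intrusion was already under way, the malicious behavior is learned as normal.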