In-depth

Leaving the door unlocked in information security

Inside the enterprise: Most data security threats are well known and can be prevented. But research shows firms fail to act.

When it comes to securing their networks and data, too many businesses are fitting expensive locks, but leaving the keys under the doormat.

There's no doubt that the information security threat has increased over the last few years, with the growth of organised crime, and state-sponsored electronic espionage and cyber warfare.

But most hacks, researchers say, either target systems that are not properly secured or use well-known, often simple, exploits for which a fix or patch is available. Hackers today are still compromising systems using vulnerabilities from two, three or even four years ago.

One piece of research, by the US standards organization NIST, found that some 90 per cent of cyber attacks were aimed at these known vulnerabilities. Companies might be forgiven for failing to act quickly against so-called "zero day" attacks, but not against those that have been around for months, or even years.

Part of the problem is the complex nature of IT systems: it is becoming harder to keep everything up to date, and to keep on top of all patches and vulnerability alerts. But part of the problem is also an unrealistic reliance on technology and automation. CIOs might believe their networks are protected, but no defence is impenetrable.

This problem is highlighted in the recent annual Global Security Report from Trustwave, an IT security consultancy.

According to John Yeo, the company's head of ethical hacking and incident response, companies are not only failing to secure systems properly by ensuring their defences are up to date and systems correctly configured; they are also failing to detect attacks, and not responding in the right ways when they do.

The problem of failing to detect attacks is especially worrying, as hackers can do untold damage in the time it can take a company to realise it has been compromised. In these cases, the breach can lead to the loss of tens of thousands of personal records or items of intellectual property that could have been secured, had the hack been detected and the malware removed.

And it is the lack of a proper incident response that is letting companies down, says Yeo. Businesses may invest heavily in disaster recovery and business continuity plans, and can be as prepared as possible for theft, fire or flood. But the disruption caused by a cyber attack is often left out of that planning.

"What is fundamentally lacking is an incident readiness capability," he warns. "You need to start with the mindset that at some point, you will suffer a breach. So you need to have people, processes and technology in place to respond when, not if, that occurs."

That incident response plan should be kept up to date, and the people involved should take part in exercises and drills. As Yeo points out, the best response teams are cross-department, and may not be people who work together on a day to day basis: not just IT, but HR, the legal team, and even physical security.

An efficient information security response plan needs to be kept up to date, as do information security tools. As the public awareness posters used to say: "lock it, or lose it."
