Leaving the door unlocked in information security

Inside the enterprise: Most data security threats are well known and can be prevented. But research shows firms fail to act.


When it comes to securing their networks and data, too many businesses are fitting expensive locks, but leaving the keys under the doormat.

There's no doubt that the information security threat has increased over the last few years, with the growth of organised crime, and state-sponsored electronic espionage and cyber warfare.

But most hacks, researchers say, take place against systems that are not properly secured, or using well-known, often simple, exploits where a fix or patch is available. Hackers today are still compromising systems using vulnerabilities from two, three or even four years ago.

One piece of research, by the US standards organization NIST, found that some 90 per cent of cyber attacks were aimed at these known vulnerabilities. Companies might be forgiven for failing to act quickly against so-called "zero day" attacks, but not against those that have been around for months, or even years.

Part of the problem is the complex nature of IT systems: it is becoming harder to keep everything up to date, and to keep on top of all patches and vulnerability alerts. But part of the problem is also an unrealistic reliance on technology and automation. CIOs might believe their networks are protected, but no defence is impenetrable.

This problem is highlighted in the recent annual Global Security Report from Trustwave, an IT security consultancy.

According to John Yeo, the company's head of ethical hacking and incident response, companies are not only failing to secure systems properly, by ensuring their defences are up to date and systems correctly configured; they are also failing to detect attacks, and not responding in the right ways when they do.

The problem of failing to detect attacks is especially worrying, as hackers can do untold damage in the time it can take a company to realise they have been compromised. In these cases, the breach can lead to the loss of tens of thousands of personal records or items of intellectual property that could have been secured, had the hack been detected and the malware removed.

And it is the lack of a proper incident response that is letting companies down, says Yeo. Businesses may invest heavily in disaster recovery and business continuity plans, and can be as prepared as possible for theft, fire or flood. But the disruption caused by a cyber attack is often left out of that planning.

"What is fundamentally lacking is an incident readiness capability," he warns. "You need to start with the mindset that at some point, you will suffer a breach. So you need to have people, processes and technology in place to respond when, not if, that occurs."

That incident response plan should be kept up to date, and the people involved should take part in exercises and drills. As Yeo points out, the best response teams are cross-department, and may not be people who work together on a day to day basis: not just IT, but HR, the legal team, and even physical security.

An efficient information security response plan needs to be kept up to date, as do information security tools. As the public awareness posters used to say: "lock it, or lose it."
