[BreachExchange] How to Proactively Defend Against Cyber Threats
Audrey McNeil
audrey at riskbasedsecurity.com
Tue Jun 21 19:56:45 EDT 2016
http://inhomelandsecurity.com/how-to-proactively-defend-against-cyber-threats/
Everyone knows thieves are looking more and more to the digital space for
opportunities to steal information, but many companies underestimate the
serious threats posed by these modern cyber criminals.
According to a recent survey by PwC, only a small minority of companies in
the U.S. have plans in place to deal with threats to their cybersecurity.
In addition, McKinsey reported that enterprises are more vulnerable than
ever to these threats, so most companies are both exposed to and unprepared
for potentially devastating cybercrime.
PwC also discovered that 41 percent of respondents in the U.S. had suffered
at least one cybersecurity breach over the last year — and those were just
the ones that found out. How many others have been breached but haven’t
learned the truth?
Thankfully, the tide is shifting. The Cybersecurity Information Sharing Act
of 2015 makes it easier for private companies to share cyber-threat
information. And after seeing the damage done by security breaches like
those at Target and Neiman Marcus, 88 percent of businesses said their
security budgets have increased.
Security Must Be the Priority
Why do thieves hack? Some are just hackers having a good time, but others
seek to install ransomware and other malware for financial gain. Worse yet,
some hackers are employed for private espionage at the corporate level.
Others use their cybercrime abilities to commit or aid in acts of
terrorism, while quasi-state actors with an aim to gather data can have
much broader implications.
Regardless of the reason, the breach creates impacts ranging from troubling
to catastrophic for a business.
One major outcome of a cyberattack includes the loss of personal data and
an invasion of privacy. This is the most widely known consequence of a
cyber breach, mostly due to the very public attack on Target’s customers in
2013, when up to 70 million people had personally identifiable information
stolen. But as recently as May 2016, retailers like Kroger and Wendy’s have
lost personally identifiable information data — not only on customers, but
also on employees — to cyberattacks.
Cybercrime can also break down business processes, like the attack on HSBC
that shut down its personal banking website and mobile app earlier this
year. It can take over industry control systems, such as when the Stuxnet
virus brought down Iranian centrifuges in 2013. Hackers can even take over
someone’s device (or multiple devices): One white hat hacker took control
of a General Motors car with a gadget built for less than $100. Other
serious concerns arise from how easy it is to hack into pacemakers,
creating potentially life-threatening situations.
With so many reasons for hackers to find their ways into a business’s
internal processes and customer data, executive leaders must build plans to
integrate cybersecurity into their companywide goals.
How Leaders Can Prepare
Cybersecurity is a major threat that continues to rise as we become more
connected, so it’s imperative that leaders make cybersecurity an everyday
function of their businesses, rather than a reactionary step after a breach
occurs. Businesses can stay proactive in these five ways:
1. Focus on the business, not the tech. Risk centers on business function
and data, not the underlying technology or infrastructure. Ensure the focus
of the security strategy is on the business and its processes, not led by
the technology within the business. Cybercriminals are interested in
acquiring personal data and finding exploitable holes in business
processes. Make sure they have a difficult time finding either.
2. Evaluate every threat vector. Cybercriminals take many forms: petty
thieves, activists, state-sponsored agents, terrorists, and corporate
spies, to name a few. All these players have different motivations, ranging
from monetary gain to publicity to competitive advantage. Put yourself in
the mind of the criminal, and ask who would want what and how they would
get it.
3. Understand your current position. When determining your risk level,
perform an internal evaluation to measure your current ability to detect a
breach and your response time to take remedial actions. Focus on how to
shorten the time it takes both to find a risk and to plug the hole.
4. Realize that no strategy is foolproof. No matter how good your plan or
your team, the risk for a breach will always exist. With all the avenues
thieves have, the question often isn’t whether a breach will occur, but
when. Focus on protection, monitoring, and response, and don’t neglect one
because you feel the others are exceptional.
5. Continually self-monitor and reevaluate. Conditions in cyberspace change
quickly, and paradigms shift all the time. What was two years ago a robust
strategy might now be woefully ineffective. Cybercriminals are always
coming up with new ways to attack your business, so remain vigilant in
keeping them at bay.
Risk is inherent in every business activity, and cyber risk is like any
other in a company’s register: operational, exchange rate, counterparty,
etc. The key elements that differentiate cyber risk are the variety of
vulnerabilities, speed of impact, and tricky attributions, all of which
make gauging cyber risk tricky.
Properly evaluating cyber risks means appreciating the tradeoff between the
cost of dealing with an incident and the cost of protecting against one.
Not all risks have to be mitigated, so work to find balance among
prevention, monitoring, transfer in the form of insurance, and quick
response to threats. Cyber protection can go a long way in building the
level of security required for the digital era.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160621/916c4ded/attachment.html>
More information about the BreachExchange
mailing list