Organisations have been hit with a deluge of cyber attacks
in recent years, and it's only set to increase with the modernising security
landscape.
While the security industry on the whole has done a pretty
good job of warning of the risks of cyber attacks, it's more important now than
ever that IT managers are on top of what the security risks are and how they
can impact organisations. But with many facing a limited IT budget, what
exactly should take priority?
What types of risk are we facing? What brought it home for
me is a quote from former White House cyber security adviser Richard Clarke. In
March he said that every major US
company has been hacked with the aim of stealing commercial secrets. He pointed
to a potential Doomsday scenario of billions of dollars of investment in
R&D being stolen and the “death of a thousand cuts” as job losses hit
economies worldwide.
It's easy to be dismissive of this nightmare as
over-the-top. But the fact of the matter is that most successful organisations
– large and small – are underpinned by unique selling points based on
intellectual property. This commercially sensitive information, such as
contracts, bid proposals, customer data and patent information, is all seen as
fair game in the mind of a hacker.
Unfortunately, one of the biggest threats to this data is
from an organisation's own employees. It's estimated
that the ‘insider threat' is responsible for as much as 43 per cent of
malicious attacks on organisations.
This can come from disgruntled employees as well as from
‘plants' by criminal gangs and rogue states. Enterprises therefore need to
carefully consider their security policies and determine who has access to what
on the company network and from which device or network.
Analysing audit trails can help pinpoint suspicious
behaviour, particularly when personnel try to access areas of the network that
are not relevant to their job function.
At a first level it is important to review what data an
organisation has, making sure they know its origin and whether any
conditions are attached to its use, and then making sure they know who has
access to it and what it will be used for.
Organisations also should adopt the ‘need to know' principle,
so companies should avoid giving all staff access to information if
only a few of them need it to carry out their job. This prevents ‘uncontrolled'
and unknown copies of data being held by a user – a potential loss situation.
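
The audit-trail analysis and the 'need to know' principle described above can be combined into one check; the sketch below is an added example, not code from the article. The log format, the user names and the role-to-area policy are all constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed need-to-know policy: job function -> areas that role needs.
NEED_TO_KNOW = {
    "sales": {"crm", "bids"},
    "engineering": {"source", "patents"},
    "finance": {"contracts", "payroll"},
}

# Constructed audit trail: time,user,job_function,area,action,result
AUDIT_TRAIL = """\
2024-03-04T09:12:01,alice,sales,crm,read,allowed
2024-03-04T09:15:40,bob,engineering,source,read,allowed
2024-03-04T22:47:13,alice,sales,patents,read,denied
2024-03-04T22:47:55,alice,sales,patents,read,denied
2024-03-04T22:49:02,alice,sales,source,copy,allowed
2024-03-05T10:03:27,carol,finance,contracts,read,allowed
2024-03-05T10:05:10,dave,contractor,bids,read,allowed
"""

def out_of_role_events(trail_text, policy):
    """Return audit events where a user touched an area outside their job function."""
    fields = ["time", "user", "job", "area", "action", "result"]
    findings = []
    for row in csv.DictReader(io.StringIO(trail_text), fieldnames=fields):
        allowed_areas = policy.get(row["job"], set())  # unknown role: nothing permitted
        if row["area"] not in allowed_areas:
            # A denied attempt is a probe; an allowed one means the access
            # controls are wider than the need-to-know policy.
            row["severity"] = "policy-gap" if row["result"] == "allowed" else "probe"
            findings.append(row)
    return findings

def summarise(findings):
    """Group findings per user so repeated out-of-role attempts stand out."""
    per_user = defaultdict(lambda: {"probe": 0, "policy-gap": 0, "areas": set()})
    for f in findings:
        per_user[f["user"]][f["severity"]] += 1
        per_user[f["user"]]["areas"].add(f["area"])
    return dict(per_user)

if __name__ == "__main__":
    report = summarise(out_of_role_events(AUDIT_TRAIL, NEED_TO_KNOW))
    for user, s in sorted(report.items()):
        print(user, "denied:", s["probe"], "succeeded:", s["policy-gap"],
              "areas:", sorted(s["areas"]))
```

Out-of-role accesses that succeeded are the more urgent finding, because they show where permissions exceed what the job function requires.
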
Today, intellectual property is so important that it is also
vital that all sensitive data is encrypted. Encryption is still seen in some
quarters as the preserve of top secret defence organisations, but it shouldn't be
relied on as a failsafe for data security. We need to keep on top of how
we assess data security and make sure we adhere to best practice.
Attacks on businesses will continue to become more targeted
and sophisticated, but it remains the case that the vast majority are
opportunistic. Criminals will identify companies that are weak and exploit that
weakness, individually or collectively.
Simple best practice can thwart the majority of attacks and
ensure companies keep the lifeblood of their business, their intellectual
property, safe.
Mark Darvill is CTO of
Ultra Electronics AEP Networks