Increasingly sophisticated cyber-attacks make security integral to success
Increasingly sophisticated cyber-attacks make security integral to success

Cyber-attacks continue to increase and evolve at an alarming rate. Threats have moved beyond disruption, towards specific objectives like targeted data theft. Traditional approaches to cyber-security have been ineffective. Perimeter-based security, detecting and blocking what comes in and out of the environment, has continuously been found wanting, failing to take advanced actors or zero-day threats into account. 

As attacks become increasingly sophisticated – and with GDPR set to increase the consequences of data breaches – 2018 will be when cyber-security becomes a strategic business priority that no CEO can ignore. Research released last year showed that severe breaches represent a permanent cost of 1.8 percent to a company's overall value because of drops in investor confidence. As well as individual businesses, this could also impact financial markets as more companies report data breaches.  

Minimising the impact of cyber-attacks on share prices should be a key priority for businesses in 2018. Organisations should be rethinking their approach to cyber-security now, to protect shareholder interests and avoid upcoming sanctions.

With the run-up to GDPR already keeping security leaders busy, protecting a business' data and infrastructure shouldn't be about doing more – it's about doing it more effectively. But what are the main challenges and how can they be resolved?

Staying secure in a multi-cloud environment

The trend toward multi-cloud (applications being deployed across two or more cloud platforms) is adding to IT leaders' to-do list. Multi-cloud can bring many benefits. Businesses can combine private and public clouds or dedicated servers, and choose the cloud service best suited for a specific workload. They can also minimise the risk of widespread data losses by distributing information across multiple platforms.

However, it can cause security headaches. Multi-cloud means multi-security standards, which may not protect data in the same way or offer different levels of governance. The lack of common standards means a single security solution may not cover them all equally. Businesses also need broader expertise at their fingertips, as each cloud has its own set of certifications. Investing in the training to operate each at the required standard can be cost – and time – heavy.

We're also seeing businesses overly relying on signature-based technology to protect these clouds, rather than investing in more sophisticated tools. Signature-based tools are great to detect already known threats, but will not detect the presences of an advanced attacker who masquerades as seemingly normal activity. And, without the expertise to investigate alerts and manage the technology, they can become an expensive acquisition of log file depositaries and flashing warning lights. 

To fully benefit from the agility, speed and utility based cost of multi-cloud adoption, a business must first evaluate its existing security solution. It's not enough to see cloud adoption as an addition to existing security technologies and practices – businesses must adapt their entire security solution to become cloud-centric, as well as ensure its they're in a position to auto-scale their solution, in order to fully optimise the benefits of moving to the cloud. 

Finding the right expertise

Within both these challenges, finding the right expertise is a common thread. And, as the threat environment evolves, this will become an even bigger issue for businesses. Of course, it's not as simple as employing more staff – as well as headcount issues, organisations will also need to invest in keeping them up to speed on each of the clouds being used and an ever-changing threat landscape.  It is not just a numbers game; organisations need to find the right type of expertise to counter they challenges faced in the contemporary threat landscape.

One route is to find a partner that can support with managing data security. This shouldn't be viewed as outsourcing in the traditional sense; businesses have the ultimate responsibility to ensure their adherence to compliance regulations. But a partner with specialist insight into both the cloud and data security can help businesses access the expertise they need to ensure multiple clouds run smoothly and threats are minimised, while keeping up to date with the attack landscape. This also frees up resource to focus on more strategic business goals such as development, innovation, policy and educating staff on security. 

Businesses are also often hesitant to release details of the breach they suffered, making it hard for others to learn from what happened. A specialist Managed Security Service Provider (MSSP) partner will likely have seen many different types of breach before across multiple commercial and industry vectors, meaning they can apply this experience and improve protection.  

Investing in the right places

Businesses also need to realise that it's not enough to just detect a problem. They must have appropriate means in place to respond to an attack and remove the threat, with a robust and well-practiced end-to-end process. While investing in signature-based tools provides a certain level of monitoring, if the processes aren't in place to take next steps then these efforts are wasted. 

Regular backups should also mitigate or reduce the need to consider paying a ransom if a breach does occur. In addition, data encryption will provide assurance that, even if data is taken, it is protected, and pseudonymisation will help avoid personal details being leaked.  

Security equals success

The exponential growth of technology has meant that the foundations of our security practices are constantly evolving. Measures that were effective in 2017 may already have become outdated, and the rate of change will only accelerate in 2018. It is important to adopt a security posture that combines expertise, process and technology to enable the business to operate securely, reducing risk and minimising potential impact. 

We can and should always learn from previous incidents and attacks. It is however equally important that we look forward, anticipating through intelligence and research as to how and where the next attack may come from. Train for the next war, not the last battle!

Contributed by Lee James, EMEA CTO, Rackspace 

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media UK or Haymarket Media.