Preparing for the next big cyber-attack - it affects everyone
Preparing for the next big cyber-attack - it affects everyone

As the internet continues to expand through the proliferation of the Internet of Things, cloud adoption and mobility, new attack surfaces are constantly being exposed. Vulnerabilities are rife, data sets are growing, and the cost of breaches is becoming ever more debilitating - the stakes have never been higher. Concerns over maintaining privacy are also increasing, which was reflected recently in the commitment in the Queen's Speech to pass new laws to protect personal data. The incoming General Data Protection Regulation (GDPR) will also seek to address growing public concern.

Against this backdrop, cyber-security requires a pragmatic and holistic approach driven by employee engagement and stakeholder awareness. Technological innovations are enabling organisations to evolve and to become more resilient and agile, but at the same time, threat actors are scaling up their own cyber innovations.

Who is at risk?

In reality, no organisation that has any online operations is fully safe from the next cyber-attack; social engineering, phishing, and ransomware attacks continue to evade traditional defences with long-lasting financial and operational consequences. Retail and the finance industry have always been a highly targeted sector, particularly as it handles large volumes of credit card data in highly distributed environments. Recently, however, the threat of cyber-attacks has been increasing in other sectors.

According to recent research, the public sector has seen the number of detected attacks double in a year to 14 percent in 2016. Governments all over the world are constantly under the threat of complex, sophisticated attacks launched by rival nation-states, terrorist groups, hacktivists, and cyber-criminals looking to get their hands on vast amounts of sensitive information, ranging from personnel records, budgetary data and sensitive communications to intelligence findings.

What can be done to protect your business?

Security should no longer be seen as merely a technical issue. As business leaders continue to be challenged by the growing demands of today's competitive digital landscape, security should be a central focus at the highest level; it's an issue that transcends national borders and is independent of organisational size or maturity. Yet, it also serves as the differentiating capability that provides a competitive edge to support digital business. The understanding should be that cyber-security will help organisations to accelerate the execution of their digital strategy, enabling the growth and innovation necessary to support new business models and changing consumer behaviour, as well as the underlying infrastructure required to capture new revenue streams.

It's essential that the importance of cyber-security is understood and shared by everyone at the firm and security awareness training for all employees should be compulsory to ensure they're up to speed on threats like phishing, social engineering and ransomware as well as how to identify attacks, what to do if they need help, and how to report possible incidents.

Organisations must strengthen business continuity capabilities to ensure quick restoration of operations if an attack occurs. This includes a comprehensive backup strategy that incorporates secure storage of offline backups, and confirmation of the organisation's ability to rebuild systems and restore data. Vulnerability assessments should be carried out regularly and organisations should develop a policy for handling ransomware incidents. Generally speaking, the recommendation is not to pay the ransom - breach detection and knowledge of what has happened or is currently happening and the scale of the breach is critical for enterprise communications plans and reporting.

Partners and vendors, too, should be considered and carefully vetted. Hackers are constantly probing supply chains and seeking vulnerabilities by association. Most businesses operate an interconnected ecosystem, and it's far easier for attackers to compromise partners or vendors where security may not be a strategic priority. The same best practice security principles should also be applied to or expected from an organisation's trusted partners and vendors. Assurance should be sought that security has executive focus, and that third parties adhere to corporate, regulatory and legislative compliance.

Security assures business growth

Security assures business growth by providing continuous availability, integrity, and confidentiality of information. It's important to understand, though, that prevention alone isn't sufficient. Organisations must ensure detection and incident response capabilities are robust and are prepared to act effectively and efficiently, regardless of the location of the incident.

It is crucial that the cyber-security industry collaborates more with clients and strives to deliver services which provide continuous threat monitoring, enabling the collection, correlation, early warning and detection of threats, with ongoing real-time security analysis and incident response, to keep clients ahead of today's evolving risks.

Breaking down traditional silos within organisations, and creating a culture of openness will be advantageous to all. Security affects everyone and if organisations tackle these challenges together, the benefits will be far greater. Sharing intelligence and automating its integration back into cyber-defences raises the cost and complexity for threat actors to operate. Intelligence sharing shifts the economics of cyber-crime back into the defender's favour.

* All statistics and data taken from Dimension Data's Executive's Guide to the NTT Security 2017 Global Threat Intelligence Report,

Contributed by Rory Duncan, Head of Security Business Unit, UK&I at Dimension Data

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.