Organisations have been hit with a deluge of cyber attacks in recent years, and it's only set to increase with the modernising security landscape.
While the security industry on the whole has done a pretty good job at warning of the risks of cyber attacks, it's important now more than ever that IT managers are on top of what the security risks are and how they can impact organisations; but with many facing a limited IT budget, what exactly should take priority?
What types of risk are we facing? What brought it home for me is a quote from former White House cyber security adviser Richard Clarke. In March he said that every major US company has been hacked with the aim of stealing commercial secrets. He pointed to a potential Doomsday scenario of billions of dollars of investment in R&D being stolen and the “death of a thousand cuts” as job losses hit economies worldwide.
It's easy to be dismissive of this nightmare as over-the-top. But the fact of the matter is that most successful organisations – large and small – are underpinned by unique selling points based on intellectual property. This commercially sensitive information, such as contracts, bid proposals, customer data and patent information, is all seen as fair game in the mind of a hacker.
Unfortunately, one of the biggest threats to this data is from an organisation's own employees. It's estimated that the ‘insider threat’ is responsible for as much as 43 per cent of malicious attacks on organisations.
This can come from disgruntled employees as well as from ‘plants’ by criminal gangs and rogue states. Enterprises therefore need to carefully consider their security policies and determine who has access to what on the company network and from which device or network.
Analysing audit trails can help pinpoint suspicious behaviour, particularly when personnel try to access areas of the network that are not relevant to their job function.
At a first level it is important to review what data an organisation has, making sure they know its origin and whether there are any conditions attached to its use, and then making sure they know who has access to it and what it will be used for.
Organisations also should adopt the ‘need to know’ principle, so companies should avoid giving all staff access to information if only a few of them need it to carry out their job. This prevents ‘uncontrolled’ and unknown copies of data being held by a user – a potential loss situation.
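The audit-trail review and ‘need to know’ check described above can be sketched as follows. This is an added example, not code from the author or his company; the log format, user names, device names and the role-to-area policy are all constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Hypothetical need-to-know policy: job function -> network areas it needs.
NEED_TO_KNOW = {
    "finance": {"finance-share", "contracts"},
    "engineering": {"source-repo", "patents"},
    "sales": {"crm", "bid-proposals"},
}
STAFF = {"asmith": "finance", "bjones": "engineering", "ckhan": "sales"}  # hypothetical
MANAGED_DEVICES = {"LT-0141", "LT-0207", "WS-0033"}  # hypothetical company devices

# Constructed audit trail: timestamp,user,device,resource,action
SAMPLE_AUDIT = """\
2024-03-04T09:12:01Z,asmith,LT-0141,finance-share,read
2024-03-04T09:40:17Z,bjones,LT-0207,source-repo,write
2024-03-04T22:03:44Z,bjones,LT-0207,bid-proposals,read
2024-03-04T22:05:10Z,bjones,LT-0207,contracts,copy
2024-03-05T08:30:52Z,ckhan,HOME-PC,crm,read
2024-03-05T11:15:09Z,dlee,WS-0033,patents,read
"""

def review_audit_trail(text):
    """Return (timestamp, user, resource, reason) for each policy deviation."""
    findings = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 5:          # skip blank or malformed lines
            continue
        ts, user, device, resource, _action = row
        role = STAFF.get(user)
        if role is None:           # account not in the staff directory
            findings.append((ts, user, resource, "unknown-user"))
            continue
        if resource not in NEED_TO_KNOW[role]:
            findings.append((ts, user, resource, "outside-job-function"))
        if device not in MANAGED_DEVICES:
            findings.append((ts, user, resource, "unmanaged-device"))
    return findings

def users_probing_multiple_areas(findings, threshold=2):
    """Users who touched at least `threshold` distinct areas outside their role."""
    areas = defaultdict(set)
    for _ts, user, resource, reason in findings:
        if reason == "outside-job-function":
            areas[user].add(resource)
    return {u: sorted(r) for u, r in areas.items() if len(r) >= threshold}

if __name__ == "__main__":
    for finding in review_audit_trail(SAMPLE_AUDIT):
        print(*finding)
```
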
Today, intellectual property is so important that it is also vital that all sensitive data is encrypted. Encryption is still seen in some quarters as the preserve of top secret defence organisations, but it shouldn't be relied on as a failsafe for data security. We need to keep on top of how we assess data security and make sure we adhere to best practice.
Attacks on businesses will continue to become more targeted and sophisticated, but it remains the case that the vast majority are opportunistic. Criminals will identify companies that are weak and exploit that weakness, individually or collectively.
Simple best practice can thwart the majority of attacks and ensure companies keep the lifeblood of their business, their intellectual property, safe.
Mark Darvill is CTO of Ultra Electronics AEP Networks