We are living in a world where cyber warfare is no longer a futuristic fiction.
Cybercrime has grown into a global criminal syndicate where billions of dollars are made. It is also interconnected with other crime operations and evolving with technology. Cybercriminals are ahead of the curve and law enforcement authorities are forever playing catch-up.
Governments, organizations, celebrities and citizens are no longer exempt from a possible act of cybercrime. Cybercriminals have penetrated many high-profile organizations, government sites and individuals’ personal accounts and devices. They are listening, watching and waiting for the right opportunity. You may not know that they have set up a listening post and, in fact, they may not even harm your systems, but you may be “harboring” malware that may permit criminals to attack a high-profile target. Perhaps you may be the unsuspecting “transporter” carrying the lethal payload.
The FBI Director recently said that there are two kinds of big companies. There are those who’ve been hacked, and those who don’t know they’ve been hacked.
If your organization belongs to the latter, or if your CIO (or you) believe that no cybercriminal or malware can get into your computer systems, your CEO, Board of Directors and investors should be worried about it. There are ample examples of how a cyberattack can cripple the operations of a business and put everyone in a spin, leaving management prone to poor judgement and weak decisions. Often this can lead to much larger reputational and financial damage to an organization.
Imagine your systems get locked down by ransomware. Your confidential customer information is compromised and sold to an underworld syndicate who might use the data for a variety of activities, including selling it to telemarketing companies and, through intermediaries, to your competitors. Imagine the legal implications from customer lawsuits, the reputational impact and the customer churn.
The old-school approach is to build defense in depth. Basically, build more walls: “firewalls” for those familiar with the jargon. Today organizations invest 70% to 80% of their security budget building walls, and CIOs are quite content that no one can penetrate them. More like maximum security prisons. Do you know that the latest threat in prisons is from the air? Yes, drones! Prison authorities are now scrambling to detect and prevent drones entering prisons.
Detection is by far the most important aspect in combating cybercrime. Experts suggest that if you invest 15% to 20% in detection you may be able to save nearly the same percentage in protection. You will know which protection systems work and which don’t. Often tighter protection comes with less flexibility for user productivity and may stunt technological progress and innovation. Hence, having some good detection methods can help implement advanced, effective and robust defense systems. Today advanced analytics of telemetry data, predictive analytics and machine learning are available to build sophisticated and intelligent cyber defense systems.
Once an attack is detected or when it is apparent you are compromised, it’s often too late. Not very many organizations invest enough to put in place a good response strategy. Most CIOs may be quick to point out that they have a comprehensive backup and disaster recovery plan. But has this been tested on a potential cyberattack scenario? Is it relevant to today’s context? How sure are we that backup systems are not compromised? Do you have a comprehensive business response plan? The permutations and combinations of scenarios will depend on the degree of openness of systems to the outside world. The absence of a response strategy or a poorly formulated response plan is more detrimental than the attack itself. In the panic-stricken madness and chaos, organizations may shoot themselves in the foot. In fact, that may be one of the objectives of the attack.
A well thought-through response plan goes far beyond the emergency fire drill and computer backups. Again, companies tend to pay less attention here: they do not think through the steps, and plans are poorly communicated to the staff. There may be ambiguity in the roles and responsibilities of the response teams and decision makers. “Let’s figure it out when it happens” might be the underlying attitude. Just think for a minute: how many of us pay attention to the airline onboard safety messages, watch the video or the flight attendant and internalize what they say?
Timely detection and predictive analytics can help organizations to determine which response strategy must be invoked, what protection system must be strengthened and how the organization can get back to normalcy.
Remember, cybercriminals are ahead of the curve in technology. They are streets ahead of those combating them, they are an organized criminal syndicate, and it’s a multibillion if not multimillion operation. No organization can fight this alone. You need all the help you can get from experts, specialized vendors and technology partners for whom security and protection from cyberattacks are part of their everyday business process.
Above picture Source: https://www.microsoft.com/security/cybersecurity/#!Overview
Darth Vader is no longer an individual but a mean army of cyber attackers. A unified team of Jedi is needed.
So may the Force be with you.