Mind the Gap
There is a significant gap between the security of systems and data in most organisations and the sophistication of cyberattacks, which these days seem to strike more and more frequently, and with increasingly severe consequences.
Last month, WannaCry forced Honda to halt production. The same virus caused Microsoft to shed tears over one million infected machines worldwide. WannaCry has also plagued Nissan, Renault and, more frighteningly, the NHS.
We all exist in the shadow of cybersecurity.
And these are just a handful of the latest stories. Back in 1982, the CIA found a way to disrupt the operation of a Siberian gas pipeline by embedding code in the control operating system. The fire was visible from space. Six years later, hackers targeted the US military, the Pentagon, the Department of Energy, and NASA in attacks that persisted for nearly two years.
What’s the score in 2017?
According to the latest Harvey Nash/KPMG CIO Survey, cybercrime keeps 80% of IT leaders awake at night. Which is hardly surprising. And it’s not only them. Cybersecurity is now so mainstream, I get advice from my grandmother about how to protect myself from hackers!
How many organisations are ready to resist serious cybercrime?
According to the same survey, only one in five CIOs is confident that their organisation could resist a serious cyberattack. This is down 28 per cent from four years ago.
[Which types of threat give the CIOs most cause for concern in terms of a cyberattack]
[Highest risk sectors in 2017]
So what’s the answer?
On the one hand, it’s simple: prioritise cybersecurity. The majority of CIOs have a range of security tools at their disposal to help monitor and respond to threats. On the other hand, these systems churn out an overwhelming amount of data, and most of the tools don’t talk to each other.
Someone has to sort through the data, quickly identify the critical attacks, and prioritise those that threaten the organisation’s ability to operate. That means assessing segmentation by business function, compliance boundaries, prioritisation by contribution to operational risk… and I just lost you, didn’t I? You can see why this keeps them up at night.
The secret to a good night’s sleep
The organisation’s approach to technology is critical. Without near real-time event correlation – e.g., using a SIEM solution – it’s very difficult to evaluate or compare events, and to determine which are the riskiest. Also, it’s important to be able to identify longer-term trends and patterns in the data.
So it’s a big data problem. And businesses are spending millions of pounds deploying security systems designed to cut through the noise and pinpoint dangerous attacks. The reality – at least for the time being – is that there’s still a huge dependency on human analysts to perform manual triage before risk assessment is manageable for the business.
Many companies trust Tobias & Tobias to deliver new, people-centric and innovative ways of solving complex data-related problems. Our professionals bring together over 100 years of experience in extracting key insights from sophisticated analytics.
Give us a call if you’d like to talk about improving cybersecurity in your organisation.