Dr Mike Lloyd, CTO at RedSeal, looks at the year ahead for businesses and security and why having an up-to-date, realistic blueprint of your network is now more important than ever.
Barely two months into the New Year and already we face tales of new cybersecurity incidents are flooding in. Whether it’s the theft of sensitive customer data, corporate espionage, damaging ransomware-related outages or state-sponsored hacking, the risks have never been greater. And no organisation can claim to be 100% safe. But with UK firms each suffering an estimated 230,000 attacks on average in 2016, the focus must now be on building resilience into corporate networks to ensure the coming year is a more secure one for organisations.
A year of threats
A recent RedSeal poll of 200 CEOs revealed encouragingly that security is top of mind for nearly half (46%), and in the top five priorities for a further third (36%) of boards. They correctly believe that cybersecurity is a critical strategic function that should flow down from executive leadership. But there remain challenges.
Some 85% believe the task of securing key systems and data will only get more complex over time. That’s a reflection first of the growing sophistication of attacks, designed to bypass traditional filters and in many cases lie hidden for as long as possible in order to exfiltrate the maximum amount of data. But it also highlights the increasing complexity of IT environments, which require a much bigger investment of time and resources to secure than they used to. Many now feature a blend of physical, virtual and cloud-based systems expanding all the time. In addition, and perhaps most tellingly, 87% of respondents stated that it’s now no longer a case of if they suffer a network security breach but when.
That fact has been borne out by recent headlines. Already this year we’ve seen an LA college forced to pay $28,000 to regain access to its data after a crippling ransomware attack; revelations of a targeted data stealing campaign aimed at several high profile law firms; and a cyber-related outage at the UK’s largest NHS Trust. That’s not to mention the warnings circling Europe that state-sponsored hackers could be preparing to steal and publish information in a bid to influence major elections in the region this year.
With the UK’s Office of National Statistics recently revealing an estimated two million cybercrime incidents over the past year, it’s clear organisations must seek out an alternative approach to cybersecurity in 2017 – based around network resilience.
Given the scale and sophistication of threats today it can seem like an impossible task to secure your infrastructure. So where should you start?
Well, you can’t protect what you can’t see. In most organisations, networks have grown in size and complexity over the years to the point when IT leaders may struggle to gain anywhere near a comprehensive real-time view of their infrastructure. But that’s exactly what they need as we head into 2017. Nearly three-quarters (71%) of the CEOs we spoke to said they wanted a bigger focus this year on technology to help their IT team map the network – including cloud and virtual systems. And 61% said they wanted more attention spent on building resilience internally.
Once you have that accurate network-level view you can see, for example, whether devices are configured correctly, security zones are implemented right, and policies are enforced as they should be. These are the building blocks of security best practice and will help engineer that all-important resilience into your network. You should be able to see the status of your security posture at all times, and understand the risk implications of every change you need to make to your infrastructure. With the right kind of network modelling you can also begin to direct resources to the most vulnerable parts of your infrastructure. It’s all about reducing risk, simplifying compliance efforts and maximising existing security investments.
The actionable intelligence generated by this set-up will help accelerate your incident response efforts, by identifying at-risk assets and providing the info you need to mitigate threats. It’s an approach which will ensure that a security incident doesn’t turn into a breach.
We don’t know what threats are around the corner this coming year. But improve your network visibility and resilience and you’ll be in a pretty good position.