A lot of businesses would be unable to recover from a cyber attack if it hit them. Cybersecurity consultant Nigel Gibbons discusses how organizations can improve their cyber readiness and prepare for cyber breaches and attacks.
According to a recent study, 66 percent of respondents believe that their organization is not prepared to recover from a cyber attack, and the biggest reason why they wouldn’t be able to respond is insufficient incident response plans.
Nigel Gibbons helps businesses prepare and respond to cyber breaches. He’s a cybersecurity and cloud computing consultant who introduces a fresh approach to entrenched attitudes on cybersecurity and threat prevention.
Gibbons shares his insights on cyber breach readiness and how companies can better prepare for the devastating hit of a cyber attack.
Why do businesses struggle to recover from cyber breaches?
They cannot afford the cost – which is why cyber breach insurance should be as commonplace as employee and some other classes of insurance that businesses would never dream of not having in place.
Other reasons include poor cybersecurity policies and practices, no cyber breach response plan, poorly defined roles and responsibilities, and a lack of budget.
They also lack actual cyber attack experience to do meaningful analysis and scrutiny of the typical cyber incident response workflow and the so-called work streams that follow most cyber incidents.
What are the primary loopholes in cybersecurity at U.S. businesses?
The number one problem is treating cybersecurity as just an IT issue; it’s not. There’s also the human element: we cannot program ourselves consistently, so don’t expect any change just because it’s cyber. This goes for employees and customers.
Businesses also hold too much data on customers unnecessarily – the minimum retention and detail should be the norm.
Other issues include no monitoring, poor incident response, IT staff training that is behind the curve, out of date cybersecurity policies and practices, as well as physical security. If a system can be accessed, it can be owned.
What are the best practices in cyber breach readiness?
Do the basics. Do not mistake compliance for security. Do an all-inclusive risk assessment, including your supply chain. Keep all systems patched and replace out-of-support systems and software.
Be European Union (EU) General Data Protection Regulation (GDPR) compliant, which wraps up all data custody controls among many other must-haves. Have a tried and tested breach response plan in place. This is not the same as business continuity or backup plans.
Maintain an up-to-date audit of your IT environment so you know what should be there, and account for everything. Baseline your network so you know what normal is, and can detect abnormal traffic. Creating a new baseline when new devices are added or changes are made could impact this.
Have breach response insurance in place so you can afford to do right by your customers and recover your business – its value should correlate back to your customer data volumes. Organizations that maintain cyber insurance also tend to have the best cybersecurity policies and practices.
Finally, use network segmentation so you can isolate your network to contain cyber breaches.
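As an added illustration of two of the practices above (keeping an audit of what should be on the network, and baselining traffic so abnormal flows stand out), the following Python is example code written for this page, not Gibbons' own tooling. The inventory, the flow records and the 3x byte threshold are all constructed assumptions; in a real deployment the flows would come from NetFlow/IPFIX or firewall logs.

```python
from collections import defaultdict

# Constructed asset inventory: hosts that are supposed to be on the network.
INVENTORY = {"10.0.1.10", "10.0.1.11", "10.0.1.20", "10.0.2.5"}

# Constructed flow records (src, dst, dst_port, bytes) from a window believed
# to be normal; these are sample values, not real captures.
BASELINE_FLOWS = [
    ("10.0.1.10", "10.0.2.5", 443, 12000),
    ("10.0.1.10", "10.0.2.5", 443, 14000),
    ("10.0.1.11", "10.0.2.5", 443, 9000),
    ("10.0.1.11", "10.0.2.5", 443, 11000),
    ("10.0.1.20", "10.0.2.5", 445, 30000),
    ("10.0.1.20", "10.0.2.5", 445, 25000),
]

# Constructed flows from a later window, to be checked against the baseline.
OBSERVED_FLOWS = [
    ("10.0.1.10", "10.0.2.5", 443, 13000),   # ordinary, matches baseline
    ("10.0.1.10", "10.0.2.5", 3389, 500),    # inventoried host, never-seen destination port
    ("10.0.1.20", "10.0.2.5", 445, 200000),  # known peer, far above usual volume
    ("10.0.9.99", "10.0.2.5", 443, 1000),    # source not in the inventory at all
    ("10.0.2.5", "10.0.1.10", 22, 400),      # inventoried host with no traffic profile
]


def build_baseline(flows):
    """Profile each source host: the (dst, port) pairs it talks to and its largest flow."""
    profile = defaultdict(lambda: {"peers": set(), "max_bytes": 0})
    for src, dst, port, nbytes in flows:
        entry = profile[src]
        entry["peers"].add((dst, port))
        entry["max_bytes"] = max(entry["max_bytes"], nbytes)
    return dict(profile)


def detect_anomalies(flows, baseline, inventory, byte_factor=3):
    """Return (reason, src, dst, port) tuples for flows that deviate from the baseline.

    byte_factor is an assumed threshold: a flow larger than byte_factor times the
    host's largest baseline flow is reported as a volume spike.
    """
    findings = []
    for src, dst, port, nbytes in flows:
        if src not in inventory:
            # Unknown device: the audit says it should not be there.
            findings.append(("unknown_host", src, dst, port))
            continue
        profile = baseline.get(src)
        if profile is None:
            # Known device that produced no traffic during the baseline window,
            # so there is nothing to compare against yet.
            findings.append(("no_baseline", src, dst, port))
            continue
        if (dst, port) not in profile["peers"]:
            findings.append(("new_peer", src, dst, port))
        if nbytes > byte_factor * profile["max_bytes"]:
            findings.append(("volume_spike", src, dst, port))
    return findings


def rebaseline(old_flows, new_flows, inventory, added_hosts):
    """Rebuild inventory and baseline after devices are added or the network changes:
    extend the inventory with the added hosts and fold the new window's flows in."""
    inventory = set(inventory) | set(added_hosts)
    return build_baseline(list(old_flows) + list(new_flows)), inventory


def run_example():
    baseline = build_baseline(BASELINE_FLOWS)
    return detect_anomalies(OBSERVED_FLOWS, baseline, INVENTORY)


if __name__ == "__main__":
    for reason, src, dst, port in run_example():
        print(f"{reason:13} {src} -> {dst}:{port}")
```

Running it reports the unexpected RDP-port flow, the SMB volume spike, the host missing from the inventory, and the inventoried host with no profile; the ordinary flow produces nothing. The `rebaseline` step shows the other half of the advice: once a change is legitimate, the inventory and the baseline both have to be refreshed or every later window will keep raising the same alerts. Fold a window into the baseline only after its findings have been reviewed, since re-baselining on unreviewed traffic would quietly turn an intrusion into the new "normal".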
What’s the best way to secure Internet of Things devices?
Do not trust vendor Internet of Things (IoT) security. There is currently no consensus or standard on how to implement security in IoT, and it is not just at the end-user interaction that securing IoT should apply.
Start with applying the Open Web Application Security Project (OWASP) IoT draft guidelines, and, if vendors do not comply, push back on them. It’s the only way you will change habits.
How much are vendors a cybersecurity issue for businesses, and how can companies work with their partners on security?
It is a veritable feeding frenzy for security vendors at present. As fast as they can get the product into the market, they will. The commercial time-to-market trade-off governs vendors’ behavior at the expense of end-user security. There you have the crux of the issue – it’s commercialism, not security, first. The testing grounds are the businesses and consumers who pay for that luxury.
According to the book Code Complete: A Practical Handbook of Software Construction, Second Edition, there are about 15 to 50 errors per 1,000 lines of delivered code.
So even taking out user or admin error and negligence, with the complexity in IT systems today, the chances of an exploit somewhere are almost guaranteed. The more things are added, the greater the complexity and chance of something being missed.