Bringing cyber to the board Cyber crime costs British businesses £34bn a year* Not just an IT issue, boards need to take note of consumers’ awareness and cynicism about how their data is used. Building the right cyber strategy, with transparency at the heart, could lead to gaining competitive advantage.
The more data a business collects about its consumers and the more sensitive that data is, the greater the data’s attractiveness to cyber criminals. With businesses becoming more and more dependent on data to manage their operations, the risks of cyber crime can only get greater. Although consumers tend to get caught in the middle, they are not always the prime target. Some criminals want to benefit financially; others want to damage a company’s reputation. This makes the risk of cyber crime not just an IT issue but a business issue as well.
While boards are becoming more aware of cyber risks they are still struggling to comprehend the full impact a cyber incident can have on their own organisation and strategy. To overcome this, businesses need to develop an integrated approach to cyber security with board- level accountability, one that links business objectives to security priorities and helps to create a common language between technologists and business leaders. The approach needs to be set at the top, with the board, CEO and the CFO setting the governance and organisational structure and ensuring all employees understand their role in preventing cyber attacks. Business leaders need to incentivise collaboration, and consider creative ways to raise awareness across the organisation through activities such as war-gaming, to help create the right security culture.
“We have to defend against every kind of attack, while the attacker just needs to find one flaw” –Naushad
Difficult-to-detect attacks
The increasing ability of attacks to avoid traditional security systems and
remain undetectable was a prediction we got right years ago, but we have
seen only the early stages of this phenomenon. Malware is still very popular
and growing, but the past year has marked the beginnings of a significant shift toward new threats that are more difficult to detect, including fileless attacks, exploits of remote shell and remote control protocols, encrypted infiltrations,and credential theft.
As endpoint, perimeter, and gateway security systems got better at inspecting and convicting malicious executables, attackers moved to other file types. Now they are experimenting with infections that do not use a file. Leveraging vulnerabilities in BIOS, drivers, and other firmware, they are evading defenses by injecting commands straight into memory, or manipulating functions in memory to install an infection or exfiltrate data. These attacks are not easy to execute and are not as interchangeable as some of the most popular malware, so the number of known attacks is currently quite small. However, like other techniques, they will get simpler and commoditised over time, broadening their accessibility and fueling their growth. The security industry is developing active memory protection and scanning technology that detects memory not linked to a specific file, but we expect to see an escalation in this type of attack until these defenses are commonly deployed.
In the last couple years, organisations have gotten better at detecting and responding to cyber attacks. However, according to a recent survey of security leaders, there’s still plenty of room for improvement. Only 47% of respondents rate their organisation’s response program as above average or superior.
No one was immune to the impact of cyber criminal activities in 2014. It will be remembered as the year of the Heartbleed bug that caused a vulnerability in the popular OpenSSL cryptographic library; the Poodle attack against outdated SSL 3.0; the sunset of the SHA-1 cryptographic algorithm, which was frequently affected by cyber attacks; and the Shellshock software bug.
Many e-commerce giants, popular smartphone applications, and government and health organisations were also actively attacked by hackers and threats continue to change both in terms of frequency and sophistication. As a number of forces converge, the risk of wider and more powerful cyber attacks on businesses is intensifying. In this section we explore how cyber attacks have evolved and how they are changing the nature of risk and forcing businesses to rethink their cyber-security strategy.
As more of their assets become digital, the risks and implications of cyber attacks are intensifying for businesses in the consumer sector.
Cyber-security risks will only intensify as businesses focus their investment on acquiring more analytics tools and basing more and more of their interactions with consumers in the digital space. While the amount of data accessed and shared across an ever more complex network increases, companies need to sharpen their focus and ensure they protect one thing: the trust of their customers – consumers and businesses alike. In both instances businesses need to make sure their customers are totally con dent that their data is managed and used in the most secure way possible.
In summary, data usage and security practices are not just about risk mitigation, they are also a potential source of competitive advantage.
Real-Time Cyber Attack Trackers
There are several cool online services that make it possible to track world cyber attacks in real time. The most usable are:
IPViking by Norse Corp., a so-called hackers hunting map that represents real-time cyber attack data collected by IP Viking. It shows the exact coordinates and IP address of where an attack is going from, as well as which Norse system is under attack.
Cyber threat map by FireEye, a sample of global cyber threat data collected from two-way sharing customers during the past 30 days. However, the “attacks today” counter does not represent real-time data. Rather, it provides real, observed attack rates and then calculates attacks for the day based on local time.
OpenDNS GlobalNetwork, the world’s largest security network, created by OpenDNS, the leading provider of network security and DNS services. The platform handles more than 50 billion of the world’s internet requests daily, in 196 countries.
