View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Leadership
  2. Digital Transformation
January 13, 2017updated 28 Mar 2017 4:24pm

The network perimeter has been breached – so how can you ensure digital protection in the cybercrime era?

Cybercrime is a big problem for companies in Europe and indeed around the world. Exact figures on how much it is costing British firms vary but recent research from the UK government found that eight out of ten large companies had suffered a breach and most were seeing attacks on at least once a month.

By John Oates

The problem is getting worse for several reasons. Cybercrime used to be reserved for nerdy kids in their bedrooms. But nowadays it is increasingly attracting professional criminals. They can make good money from cybercrime and the risk of getting caught is low. Even if they do get caught the punishments are far less arduous than if you get caught robbing an actual bank or dealing drugs. The huge growth of Bitcoin and other alternative currencies have also made it much easier for the crooks to get paid.

The traditional way of protecting a business against cyber-attack was to protect the perimeter.

This meant carefully scanning incoming emails. It meant ensuring that all devices connected to the network were audited and properly protected with up-to-date, anti-virus software. It meant firewalls to keep your network separated from other networks.

But this sort of protection isn’t possible for the modern business.

Firstly because it is almost impossible to say exactly where the perimeter is. Today’s companies run networks which are linked to supply chains, to cloud providers, to mobile networks and include mobile devices which spend time linked to dozens of external networks. There are dozens of possible attack vectors to defend.

Threats don’t come from a neat list of known threats any more either. Malware is evolving almost minute-by-minute so identifying it by its signature is no longer possible.

Instead defence strategies are taking a more holistic view of security rather than trying to keep the bad stuff out.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

Detection systems behave more like performance monitoring systems. They notice anything out of the ordinary – whether it is a machine or a user accessing more data than usual, or different data. They spot networks or systems running more slowly than usual and flag them up for investigation.

Successful defence also means designing security in from the very beginning, not adding it on at the end. It also means taking measures to make life harder for attackers even if they do get access.

It means using encryption to routinely protect important data so that even if a breach does happen it will do far less damage. Anonymising databases will also reduce the rewards for cyber crooks.

Good data protection practise like deleting details no longer required can also help mitigate the risks of a successful breach.

In the end almost all successful cyber-attacks rely on social engineering and human error. You need to teach your staff that security is not just a technology problem. If an email or a phone call makes them feel suspicious they should stop and think.

Security needs to be second nature for everyone not just the IT department.

Attackers will use any vector to get into your systems – some targeted attacks have started with phone calls rather than emails for instance. Others have used physical access to buildings and computers as a starting point.

But you can’t let the paranoia get to you either – you need an atmosphere where people are not afraid to admit they’ve made a mistake.

Cyber criminals have hit several UK hospitals with ransomware attacks in the last few months.

A member of staff at a hospital in Cambridgeshire inadvertently clicked on an email attachment and was sent to a web page which showed the ransom demand. Instead of immediately blowing the whistle that person ignored the demand and carried on working.

By pure good luck the hospital systems escaped serious harm because the attack came just minutes after a full back-up and the recovery plan worked faultlessly.

However good your defensive systems in the end it is your staff who are both the biggest potential weakness and your best defence against cyber attack.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.