Cyber-attacks are increasing in scale and impact – you only have to look back at the news headlines WannaCry made last year to see that this is the case.
In May 2017, it was widely reported that the NHS had suffered a major cyber-attack. Exploiting system vulnerabilities, attackers were able to infect IT systems with ransomware, preventing staff from accessing critical data.
Ultimately a solution was found, but not before the attack caused widespread disruption: 19,500 medical appointments were cancelled, computers were locked at 600 GP surgeries and five hospitals diverted ambulances elsewhere, according to the National Audit Office.
It appeared to be a targeted attack on the NHS, but that was far from the truth: WannaCry, as it was known, was an attack on unpatched or outdated Windows operating systems. The NHS and other affected companies just happened to be using these vulnerable systems.
The perception that attackers only target high-value large corporations is long gone and companies of all sizes should heed the wake-up call. The reality is that most attacks are opportunistic, taking advantage of simple security mistakes such as unpatched operating systems, poor password security or employees clicking on infected phishing emails. Even with the most basic security measures, these attacks could have been prevented.
Yet we see the same mistakes time and time again. Equifax, for example, was hacked via an unpatched system and the personal data of up to 143 million consumers was compromised. That’s all it takes: one insecure system and attackers could potentially end up with access to all your confidential data.
So how do you go about improving your company security?
Technology may seem like a logical place to start and it’s true that websites, apps, connected devices and internal infrastructure all need to be fully tested to ensure they don’t provide a way in for attackers. But security requires more than just defensive technologies.
People and processes are just as important: you could have the most secure technology in the world, but if an employee opens an infected phishing email link, or has an unsecure password, attackers will still be able to get in.
Improving protection is all about creating a company-wide security mindset which takes into account technology, people and processes – ensuring that security is important to every member of the organisation.
You need to ensure that technology is tested on a regular basis and patches installed to schedule, that all your people are educated on the security threats and company processes are reviewed annually at least. No business can ever be 100% secure but, by working towards this goal, you improve your security posture and deter all but the most persistent attackers.
Even when you think you have everything in place, there is still more you can be doing. Many of our clients are extremely advanced when it comes to security: they have expert teams in place, fantastic resources and have worked hard to put security at the very heart of their culture. But even then, they acknowledge that they could be vulnerable to attack. For them, security is about putting their efforts, and their response, to the test. That’s where ‘Red Teaming’ comes in.
Originally coined from military war games, in the context of cyber security Red Teaming involves an independent attack team – the red team – simulating how a real-world threat would target an organisation in order to break in.
It’s a growing area within cybersecurity and we are seeing increasing demand from companies who want to fully test their security against a potential attack. But it's not just about testing the robustness of security defences; many companies also want to test their own response to an attack.
We see Red Teaming as the gold standard of security testing and our experts can mimic an attack by even the most advanced state-sponsored threats. It goes beyond your normal penetration test, utilising the full arsenal of weapons attackers have at their disposal to provide an invaluable review of security defences, as well as testing companies’ responses to such threats.
Whether your company is a cybersecurity novice or a security expert, there is always something you can be doing to improve your security situation. You just have to ask yourself: are you improving your security mindset?
How can Secarma help?
At Secarma our aim is to improve your security mindset, whether through our blogs or through the testing we conduct for our clients. Everybody needs to be responsible for security, on both a personal and an organisational level, ensuring that the necessary steps are taken to safeguard your all-important information.
This blog originally appeared in Business Cloud