Writing for Defence Online, Jon Fielding, Managing Director EMEA, Apricorn, examines why keeping things simple and doing the basics represents the best solution in the world of cybersecurity.
Organisations in the defence sector may, by the very nature of their business, be more security-centric than those in other industries, but they are not exempt from the cyber-risks faced by their peers. We are all operating in an increasingly complex and challenging environment – and with cybercrime on the rise, and threats to data, assets and personnel constantly evolving, there are wide-ranging cybersecurity challenges to address across the board.
Complexity has penetrated every aspect of every organisation, from multi-layered and interconnected IT infrastructures, to ever more stringent regulation. This complexity is driven by ongoing digital transformation and the implementation of tools and initiatives such as big data analytics, cloud infrastructure, APIs, robotics, AI, and Internet of Things (IoT). Devices and platforms may even have been brought in and connected to networks without the knowledge of the IT department, adding to the complexity and risk.
Defence organisations are forced to contend with the challenges of changing infrastructure, rapid advances in digital technology and growing cybersecurity issues. The risks are heightened further as the data they hold is highly sensitive, and typically of great value to cybercriminals. Both legacy and digital infrastructure, and the growing volume of data flowing through them, must be effectively protected as the attack surface continues to grow.
The line between cyber and physical environments is also blurring, as operational systems and infrastructure are connected to network and cloud environments. This potentially opens the door for attackers who want to gain access or cause damage to physical assets or platforms.
The difficulty with introducing new technologies is that they bring with them many new threats and vulnerabilities, and it becomes increasingly tricky to filter through the risks and remember what’s really important when it comes to cyber protection. Many organisations focus their attention on new and sophisticated tools designed to keep data, infrastructure and people safe from threats. In most cases, they end up struggling to maintain control because this fails to tackle the issue at its root: the solution to strengthening security posture is to simplify, not to introduce more complexity.
Organisations should be mindful of the time and resources spent protecting complex data environments. Data protection can easily get out of hand and see businesses skipping fundamental steps that are critical to ensuring long-term data security – particularly when trying to grapple with burdensome compliance regulations, for example.
Getting the basics right is increasingly important given the serious penalties that can be levied by regulators today. The introduction of GDPR alongside the NIS Directive, two EU laws that came into force in May 2018, has given regulators the power to levy fines of up to €20 million (£17 million) or four percent of global annual turnover, whichever is higher.
The first basic step organisations need to take is to gain a better understanding of their current security posture. They should start by reviewing their existing security processes against compliance guidelines and best practices, identifying the gaps and putting a plan in place to address these areas.
Cyber-criminals usually look for the path of least resistance when choosing their target, and it only takes one weak link in the chain to find a way in. This could be via phishing emails, using commodity malware, or employing automated credential stuffing and other tools to crack easy-to-guess passwords and try breached credentials elsewhere.
In a recent survey by Apricorn, almost two thirds (63%) of respondents noted that human error was the main cause of a data breach within their organisation – be it mobile workers, unintentional error, or employees with malicious intent. A lack of encryption and phishing emails also ranked in the top five main causes.
Organisations need to tackle this from the ground up, through education and awareness programmes. These should be designed and implemented with all staff in mind, temporary and permanent – and also cover third-party contractors, who can pose a huge threat, as has been proven in many high-profile data breaches. This is particularly important in light of another finding from Apricorn’s survey, which shows that IT decision makers trust third parties to look after business-critical data more than they trust their own colleagues.
Education should apply at all levels; senior execs should not be exempt and should certainly be practising what they preach when it comes to security protocol. On top of this, these programmes must be regularly updated and tested. As part of any awareness and education programme, employees should be clearly informed of the necessary password policies, which should be enforced at a technical level wherever possible.
Next must come encryption of all data as standard, at rest and in transit. Data taken beyond the network should be carried on IT-approved mobile storage devices featuring strong encryption, with any non-sanctioned devices blocked by endpoint controls. These controls should be enhanced with strict policies. Encrypting valuable or sensitive data enables organisations to manage their risk, and is a critical piece of the armoury. The good news is that two thirds (66%) of organisations now hardware-encrypt all information as standard, according to Apricorn’s research, highlighting the importance of incorporating encryption into any cybersecurity plan.
Effective patch management using automated, risk-based tools, together with continuous network monitoring and anti-malware and breach detection tools, should also be considered basic best practice.
Digital transformation has introduced many complexities, but cybersecurity does not need to be complicated. Effective controls and protection can be accomplished by keeping things simple and reverting to basic best practice: understanding and improving the security posture, educating users, and implementing end-to-end encryption. Reviewing and updating these fundamental measures on an ongoing basis will keep data, infrastructure, assets and personnel secure as the operating environment continues to change.
The post The importance of cybersecurity – and why ‘back to basics’ is the best approach appeared first on Defence Online.