12 July 2016
Blogs by author: Mark Hughes, President, BT Security
Awareness of cyber crime is at an all-time high, but organisations still need to do more to prevent serious security breaches.
As we know from our new report, cyber security is a concern for most businesses, and three quarters of major companies discuss the topic regularly at board meetings. It’s become an important part of running any organisation, with many now providing security training for directors.
But making sure that cyber security is on the board’s agenda, and that members are well educated about it, isn’t enough. Less than a quarter of companies feel prepared for an attack, and the majority have reported an increase in cyber attacks over the past two years.
This demonstrates that organisations are increasingly vulnerable, and most still need to do a great deal more to keep criminal entrepreneurs at bay.
Five steps for better cyber security.
Here are the five steps your organisation needs to take to improve your cyber security and prevent hacks:
1. Rethink the cyber threat.
Cyber criminals are proactive, resourceful and ruthless individuals. New attack tools are developed every day, creating increasingly unfamiliar threats.
From better coding to more sophisticated malware distribution, it’s important to constantly evolve your knowledge of potential cyber threats.
2. Understand your adversary.
To effectively combat cyber criminals, you need to understand their business models and strategies. They make money by exploiting vulnerabilities in their targets — and to know what your weaknesses are, you have to think like a cyber criminal. You also need to know where your ‘crown jewels’ are, so that you can protect them.
From malware to using your network to bribe employees, what’s your weakest link?
3. Take the fight to the attackers.
Creating barriers to try and prevent criminal entrepreneurs from accessing your network isn’t sufficient. Disrupting their business model is a far more effective method to protect your organisation.
For example, if a cyber criminal’s aim is to steal bank access details, there are a number of ways to disrupt this goal. The first is to make it harder for the thief to access the information, but beyond this, you can also make the details difficult to distribute and use.
Cyber criminals are after cash, not challenges, so making any step of their business plan more difficult will help dissuade them.
4. Act quickly.
To disrupt criminal activity, you have to be as agile as the attackers. That means removing any obstacles which slow your ability to defend against a cyber attack (and this can include rethinking your dependence on third-party security services).
5. Balance risk with opportunity.
Security’s key to exploiting the potential of new digital channels. And these make your organisation more efficient and profitable: letting you sell more and serve customers better.
In future, Chief Digital Risk Officers (CDROs) will play a strategic part in enabling digital opportunity and aligning this with risk management. They’ll help you to make sure security is both a barrier and a boon for your business.
Find out more.
Awareness of cyber security is a great start, but now you have to take effective action. Our new report with KPMG gives you a detailed view of the current threat landscape, and practical steps your business can take to stay secure in the face of organised criminal entrepreneurs. Download it here.
In our next blog, we’ll look in more detail at why you need to rethink the risk of cyber attacks.