Bogdan Botezatu, senior e-threat analyst at Bitdefender, discusses how you can keep your business safe as you scale.
What is “secure enough”? The reality is, there is no such thing.
As human beings we are all prone to making mistakes, which would suggest that nothing can be secured 100%, even with our best intentions.
However, there are steps that companies of all sizes can take to ensure that every digital point of entry into the organisation is safeguarded as well as possible. But as SMEs and startups grow and scale, and the corresponding number of entry points increases, how can business decision makers prevent the task of securing the business from becoming overwhelming?
When size doesn’t matter
When it comes to cybersecurity, small and big businesses alike often overlook some issues on the assumption that these do not apply to them. A significant misconception regarding cybersecurity is that smaller companies usually tend to invest less, as a proportion of overall IT budget, in securing their data compared to larger organisations. On the other hand, big businesses often rely on one security solution or suite, forgetting various small factors that play significant roles in overall cybersecurity hygiene.
When a security breach occurs, the motive behind the attack is not the first priority or focus – rather, security professionals should examine how the breach happened and work on a solution. That said, the aftermath of a breach may reveal the true motive behind an attack. For instance, a hacker group may target a larger company because it is perceived to have more valuable data, or they may target a smaller company under the assumption that it has less sophisticated security measures in place.
Companies of different sizes can be more or less vulnerable to particular types of threats. For example, distributed denial-of-service (DDoS) attacks can be very effective against small businesses that do not have the network bandwidth to cope with heavy traffic. On the other hand, Advanced Persistent Threats (APTs) may be more effective against a larger business with more network entry points to exploit.
Are all cyber attacks money-motivated?
It is also important to bear in mind that not all cyber attacks are motivated by monetary gain. In some instances, phishing for sensitive information can be equally damaging.
In the wrong hands, private organisational data could very well be used for malicious purposes, and cause significant damage to reputation, customer perception, and the future of company employees.
This issue is equally grave for businesses of any size. If data is lost or ‘bricked’ in a breach, the subsequent downtime caused can be enough to financially ruin a company. Therefore, businesses from startup through to enterprise must ensure they are able to recover mission critical files if compromised.
However, whilst the majority of cyber attacks will be carried out for financial gain, certain recent examples, such as June 2017’s GoldenEye attack, showed that general data loss and disruption of data were the overall aim. This highlights why it is important to think about possible motives for attacks, to increase the likelihood of being able to plug vulnerable security gaps ahead of time.
Different sizes, different solutions
There might not be a magical malware off-switch, but it is important to consider various strategies to defend against risk and try to home in on the most suitable one for your size and shape of organisation. According to a recent Bitdefender survey, companies claim their two main infosec threats are outsider attacks (43%) and data vulnerability (38%).
One of the first steps in all cybersecurity strategies should be to find which devices can access sensitive company information, and then assess how secure these devices are. Do they have the most up-to-date antivirus client installed? How does one device’s permission set compare with another’s?
Needless to say, regular updates and security patches are comparatively easy when you’ve got 15 devices on a corporate network, but how about 1000? A more streamlined solution, in this case, could lie in hyperconvergence, and the spinning up of a virtual desktop infrastructure (VDI) which can be allocated specific resources and is often far easier to update.
For these two different sizes of organisation, two different infosec strategies need to be employed. Smaller SMEs and startups might only need a strong and multi-layered security stack, comprising, at the bare minimum, a continuously updated antivirus client and appropriate endpoint back-up. A larger organisation, by contrast, would need to think about what it would need to secure a virtualized environment.
State-of-the-art security solutions exist today which can actually detect unusual activity at the hypervisor level, detecting and stopping memory manipulation attack techniques associated with known or unknown vulnerabilities in applications or even within operating systems. By analyzing raw memory to protect virtual workloads, they can stop advanced threats before these have a chance to cause disruption to an end-user or the organization.
Whilst businesses will always encounter different types of threats as they develop and scale, there are, fortunately, always steps and technology they can implement to protect themselves. By identifying where sensitive information resides and utilising a combination of appropriate information security strategy and tools, there should be no cracks or security blind spots left for malicious agents to get through. Just because your organisation is growing doesn’t mean your infosec risk has to.