The modern business environment is evolving quickly towards partial or complete dependence on new technologies. Businesses adopt innovative technologies in a continuous quest for growth and cost optimization. In return, these technologies have exposed new vulnerabilities and complexities within the corporate ecosystem. The adoption of Internet, mobile, cloud and web-based social networking technologies, for example, has expanded the ecosystem within organizations considerably, and with it the attack surface available to threat actors.

Any cybersecurity professional worth his or her salt will tell you it is not a question of if a cyberattack will target your business, but when. No control, however strong, can guarantee that your systems will never be compromised. The deluge of cyber-attack stories in the news has become commonplace. One persistent misconception is that hackers are only after big corporations. The truth is that it does not matter how big or small your business is: you are a potential target of cybercrime. The problem is that some enterprises do not seem to realize this, and instead of preparing to guard against the vast and varied threats out there, they rationalise the risk away.

Given the sharp rise in the use of advanced attack methods, there are no grounds to relax. The Ponemon Institute pegged the average annual cost of cyberattacks to companies worldwide at more than $9.5 million. Until companies understand and evaluate the effect of cyberattacks, the nature of their cyber risks will remain unclear and will limit their ability to respond proactively. Aside from the most obvious loss, which is financial, businesses should also consider seriously the reputational damage that comes with such attacks. Reports from recent incidents show that attackers are not only financially motivated: well-organised threat actors, such as hacktivist groups driven by political or social agendas and nation-states, also act to create systemic havoc in the markets.

Businesses must take deliberate steps to create an effective cybersecurity plan, one that incorporates a multipronged approach to cyber defence and keeps pace with the ever-evolving, sophisticated array of cyber threats and risks.

Businesses should consider building cyber risk management programmes that deliver three essential capabilities: Security, Vigilance and Resilience. Together these capabilities enhance cybersecurity through a ‘Defence-in-Depth’ strategy, a multi-layered approach to information assurance.

Security starts with a good understanding of known threats and controls, industry standards and regulations, which can guide businesses in securing their systems through the design and implementation of preventative, risk-intelligent controls.

Vigilance is enhanced through early detection of emerging threats and of the attacker’s moves, which is an essential step in containing and mitigating potential attacks. An early incident detection mechanism incorporates a sophisticated, adaptive alerting and reporting system that automates the correlation and analysis of large amounts of IT and business data, together with threat indicators, on an enterprise-wide basis. These capabilities should be available 24/7, with adequate support for efficient incident handling and remediation processes.

Resilience is achieved through simulated testing and crisis management processes. Businesses make disaster recovery plans for unforeseen disasters but hardly ever plan for cyberattacks. Businesses must consider their overall cyber resilience capabilities in all dimensions so that service can be restored rapidly with minimal disruption. A robust incident response plan should be built with all the key business functions taken into consideration.

Written by Lois Eko
Researcher and Network Security Engineer at Blacksentry, a Division of Layer3.