Fortify your organization's cyber defence to withstand cyberattacks

"By failing to prepare, you’re preparing to fail"
Benjamin Franklin’s famous quotation applies to cybersecurity now more than ever.

Over the last few years, senior cyber experts ranging from the head of the NSA to the director of the FBI have been delivering the ominous message that there are two types of organizations: those who have suffered a security breach and those who have suffered a security breach and are not aware. Alarming? Perhaps.

Based on our experience dealing with various breaches and investigations, we can confirm that this axiom is becoming more of a reality with every passing day. Still, many organizations believe they are not of interest to cyber criminals or that they’re too small to be attacked.

Our 2015 Cybersecurity survey report debunks this myth by demonstrating that many Canadian companies have a false sense of security. In fact, among companies that reported no attack in the past year, 90% felt safe, while among those that had experienced an attack, only 55% still felt protected. The fact that any organization can respond that they’ve “not experienced an attack” is a challenge in itself – as organizations of all sizes are attacked daily. Spear phishing, malware such as CryptoLocker (a file-encrypting ransomware), and illegitimate fund transfers are just some of the examples we are seeing across all industries.

The reality is that all businesses are vulnerable to cyber threats. Fortunately, organizations are slowly becoming more aware of the risk of being compromised and that breach preparedness is critical to survival. To get ahead of cyberattacks, organizations must become proactive in managing their cyber risks.

Identifying what attackers want

The first step in responding to the threat of cyberattacks is to identify and protect your organization’s most critical assets. Attackers are after your ‘crown jewels’, the data that would undermine or destroy your business and reputation if compromised. This will differ based on industry. For example, intellectual property is highly valuable in manufacturing, whereas client data is key in financial services.

Your organization doesn’t deal with intellectual property or customer information? You’re still not in the clear. We’re seeing a large increase in the number of attacks on companies involved in the supply chain of an organization. These third-party vendors are attractive targets because they could be an access point for a cyber adversary, who can then use the vendor’s remote-access privileges to enter the network of their real target.

Secure, vigilant, resilient

As the cyber threat landscape continues to rapidly evolve, so do the risks organizations face. Organizations need to get smarter in how they think about cybersecurity and continue to optimize their cybersecurity posture by taking a holistic approach based on the following three pillars:

• Secure: The ability to detect cyber threats and protect critical assets. This means having strong walls in place and a security-conscious culture.
• Vigilant: The ability to prevent cyber threats by anticipating potential threats that are specific to your organization or industry. This requires around-the-clock monitoring, threat profiling and security analytics.
• Resilient: The ability to respond and recover quickly and unharmed from cyber threats. This is best achieved through testing your procedures and processes through drills and attack simulations

A more efficient path to success

With all the challenges facing organizations, how do companies become secure, vigilant and resilient in the least amount of time possible?

For many, it begins with engaging the board, outlining a business case for increased security and creating a management position with the proper executive buy-in. Companies may not have the resources to effectively manage their risk and will need to look outside for their security needs, such as to managed security service providers (MSSPs).

Our survey found that in 2015, less than 50% of respondents use the services of an MSSP. Those that do scored a significantly higher cybersecurity maturity level, as MSSPs have the experience and depth to accelerate operational security capabilities. Furthermore, engaging an MSSP allows companies to take a holistic approach to cybersecurity, since an effective MSSP offers 24/7 monitoring, detection, and prevention services.

Time for a sanity check

When it comes to security breaches, the best defence is a strong offence: ensuring your organization is able to monitor, detect or prevent, and respond to a sustained attack. One of our more critical findings from security breaches is the fact that attackers were able to silently move laterally within the organization and remain undetected for months to years at a time. Most organizations are simply not equipped to detect these sophisticated attackers. This important challenge is now forcing IT leaders to adapt their internal operational security methodologies from detective controls to performing a yearly sanity check and compromise assessment that will actively look for potential attackers within their infrastructure.

Improving your cybersecurity posture and becoming a more proactive organization requires more than awareness. It requires an ability to ask the right questions. And it requires an ability to transform your business processes—to evolve, just as the threats are evolving.

If you’ve already started to fortify your organization against would-be attackers, don’t let up. Complacency is not an option, but confidence can be.