Have you invested in cyber-security products and tools without really understanding the risk you face? And what are the latest, greatest innovations in our sector? As usual it's all go in our world. Here's the news.
Are you 'investing blindly' in cyber-security?
According to an article in the excellent Computer Weekly, too many businesses are 'investing blindly' in cyber security products without really understanding the actual security weaknesses the company faces or how well their existing defences are working.
The stats are a shocker. Tom Van de Wiele, principal security consultant at F-Secure, says about half of all investment in cyber security prevention is either ineffective or inappropriate, and most businesses have no clue which half that is. And it's all down to an over-simplified tick box approach to compliance that doesn't work.
Delegates at the recent InfoSecurity Europe 2019 event, held in London, heard how businesses really need to pin down, first of all, where their 'critical and sensitive data' is stored, who looks after it, who owns it, who accesses it, and from where. Without this very basic insight, there's no chance organisations will be able to protect their digital assets properly. It makes perfect sense. Under any other circumstance, not knowing the risks you face means it's impossible to deal with them effectively. Cyber security is no different.
Van de Wiele also highlighted the way physical security is being ignored at businesses' peril. Apparently the UK is at particular risk here, being a nation that typically doesn't count actual, physical security as part of its cyber security plans. It matters when having physical access to IT systems can make hackers' lives so much easier, especially in a world where attackers can exploit almost every interaction a company makes with the outside world.
It's also important to cut the amount of information employees are allowed to share on social media, since social media use can reveal clues about the security tech a business is using. When employees know they're a valuable part of the security protocol as a whole, and understand exactly what kind of information hackers like to use, they can see how a simple change in behaviour can make a huge difference to cyber security.
Van de Wiele's overall recommendation is a blend of risk management and cyber resilience. Cyber security, after all, is about being able to detect and respond to hacks effectively as well as trying to stop hackers compromising a system in the first place.
Futuristic ways to combat cyber attacks
The World Economic Forum website talks about the shift to a tech-centric culture, how it puts ordinary people at risk of cyber attack, and innovative ways to handle cyber risks in the future. Here's an insight into some of the brand new cyber security kit we might see on sale soon.
Goodbye software patch, hello super-chip
Software patches might soon be a thing of the past, as might the virus and malware scanners that currently detect suspicious files and keep them quarantined. Watch out for a brand new kind of computer chip being created by a team at the University of Michigan, a chip that encrypts and reshuffles the data and code it contains an impressive 20 times a second. If a hacker breaks into a computer, the information they need to exploit a vulnerability vanishes within milliseconds, foiling the attack. The approach is particularly effective against control-flow hacks, traditionally some of the trickiest to handle.
Finding malicious network activity quickly
Researchers working for the US Army may have discovered a way to detect harmful network activity faster than ever before, and that's great because speed is crucial when dealing with an attack. Distributed network intrusion detection, for example, requires specialist analysts to monitor numerous networks at the same time. Sensors on a protected system transmit data to analysis servers, and because it's a bandwidth-heavy activity, they limit the amount of data sent. The analysts only see a snapshot as a result and can waste time investigating threats that don't exist. At the same time they don't always have all the insight they need to spot a real attack.
Because malicious network activity appears early on, the new tool is designed to stop network transmissions after a predefined number, then compress traffic analysis to less than 10% of its volume while sacrificing 1% or less of security alerts. Cool or what!
Spotting anomalies faster
Today's cyber security detection technologies often work by finding anomalies. When they detect abnormal activity they tell a human, who looks closer. Can we combine machine learning artificial intelligence with human intuition and get the best of both worlds? MIT researchers have blended human knowledge with super-smart computers to create the AI2 platform, then tested it on 3.6 billion pieces of data. The system predicted 85% of cyber security events accurately, three times better than any existing system, and pinpointed five times fewer false positives.
A very clever detection-response platform
Cyber-risks can come from multiple sources. Mistnet recently launched their new CyberMist tool, allegedly the planet's first ever multi-entity detection and response platform offering real-time threat prevention as well as visibility associated with users, networks and hosts. Combining cutting-edge computing and AI analytics, it can discover threats in under 60 minutes and displays continuously updated metrics. The results so far? It looks like the tool drove a 99% reduction in false positives over 30 days, an impressive start.
Are you Cyber Essentials qualified?
Until all this magical, innovative tech matures and comes onto the market, the best way to educate employees in cyber security is via the government's Cyber Essentials and Cyber Essentials Plus scheme. Once your people know exactly what to look for and understand better how to avoid threats, your business will be an awful lot safer. Let's talk.