The risk of cyber-attacks – a question of good management
In size, cyber-attacks in 2013 eclipsed previous peaks by over 200% and the number of large attacks increased multifold. 2014 too has been a year of cyber-attacks, with new and increasingly large attacks happening on a daily basis. We’ve seen Bitstamp, one of the world’s largest Bitcoin exchanges fall victim to a Denial of Service (DoS) attack that halted trading, and a website in France was hit with the worst Distributed Dos (DDoS) attack the world has ever seen, reaching at least 325Gbps.
Spear phishing, ransomware, insider threats and mobile malware are just a number of the different kind of cyber-threats we are facing, and attacks of this kind are not likely to stop any time soon. Cyber-criminals are constantly improving their methods, coming up with new attacks and with the amount of data entering the digital world constantly increasing, there is huge incentive for these attacks to continue. This means that security professionals and organisations need to constantly improve their methods as well – no matter how secure your business, you must never stand still.
Due to cyber-attacks becoming ever stronger and sophisticated, it is unlikely there will ever be a platform that is completely safe from these attacks. There will be no final answer in the dialogue between cyber-attacks and cyber-security, making our business a matter of effective and ongoing risk management. Below, we’ve identified four essential steps in order to help companies achieve effective risk management.
- Identify and prioritise crucial assets – It is important to know your environment and what systems or applications are crucial to the functioning of your business.
- Understand current and emerging threats – You need to know what is happening in the world of technology and cyber-threats and how this affect might your business.
- Apply defensive techniques, or mitigate the risk – Preventing cyber-attacks is near on impossible, but the key is to know about emerging attacks and to pick up on an attack as soon as possible. This will help you to adapt and respond quickly and effectively. Big data and analytics have a big role to play, as they have this technology has the power and ability to monitor systems for anomalies and alert the user. This kind of monitoring requires investment of course, but there is no denying how worthwhile this would be and much this could improve our defenses against cyber-crime. To mitigate risk, aim to ensure additional protection where there is increased vulnerability in your system.
- Monitor and adjust – Keep moving and never stand still. Monitor your systems, see what works and what doesn’t and try to stay one step ahead.
In short, cyber-attacks aren’t going anywhere and there will be no perfect solution to them any time soon. But, by investing in the right tools and analytics, businesses can equip themselves with the necessary means to effectively manage the risk, responding quickly to anomalies and carrying out the appropriate action quickly and efficiently. The key is to keep developing; cyber never sleeps, and neither should we.