In a world where cybercrime is rising almost in tandem with the pace at which new technologies and learning are accelerating, securing business software has never been more critical. Yet it’s far from the simplest of tasks. As a matter of fact, some of the web services deemed highly secure have fallen prey to attacks time and again. The questions that come to mind, therefore, revolve around the tangibility of security measures. Are the measures put in place tight and robust enough? Who polices the system, and how do organisations protect themselves from cyber-attacks? The answer is more often than not obscure, which feeds the reluctance of some organisations to invest in business software.
What’s the reality?
More than 90% of business systems remain vulnerable to attacks, owing to holes found either in the IT landscape or in the software running on it. To exacerbate this, research suggests that security remains a translucent and intangible part of many enterprises, owing to the complexity of the matter, the lack of expert skills to deliver security administration that is above par, and the rising costs of security consultancy services.
With that in mind, security is, in many cases, given either too little priority or too little ongoing attention. Further, there are very few ‘what-if’ scenarios or built-in safeguards for reacting to cyber-attacks such as data and system locking.
What measures can be taken to improve security?
Without compromise, enterprises need to take comprehensive measures to guard their systems against attacks. This includes putting firmly in place mitigating features that deter hackers or any other type of threat that might affect the organisation. These can range from system measures or configurations that reduce the probability of attack to keeping systems up to date, so that the security modules in place are always the latest upgrades.
Loss of data is often one of the consequences of cyber-attacks. Enterprises need to devote dedicated attention to routinely analysing the security infrastructure, including identifying abnormalities in the daily function of systems. This translates to the inherent need for security personnel to have the right intelligence to know the form that attacks take, the symptoms of system attacks and the possible vulnerabilities in outward-facing plug-in points. In this way, they stay ahead of the hackers and predict their next move so as to avoid further threats. This also facilitates easier back-up procedures and the remote triggering of plug-in restrictions for security.
The implication for IT departments, especially in big organisations, is that they act as the security function, usually including an employee mainly poised to protect the organisation from the different threats. Once all this is in place, it is important for organisations to harness all the information they would have received and then standardise their protocols so as to be aware of threat levels in the future.
With the right security intelligence, organisations are able to identify and trace the source of an attack and to defend their systems accordingly. There needs to be an extensive system, capable of threat monitoring and analytics, that protects against the known threats and hunts down and guards against the unknowns.
Knowing how to respond to an attack is half the job done in fighting cyber-attacks. No organisation can really say that it is impenetrable, but it is always a good idea to act quickly and to respond to attacks as they come.
Organisations need to sub-divide their processes so that cyber-attacks are easier to detect at each sub level.
- Organisations need to perform gap analyses to determine what is and what should be in place. This allows the organisations to monitor the subdivisions individually, along with the threats posed at each integration level.
- A roadmap is always essential as it gives a clear guideline of the work process, what is done and what needs to be done with timelines. The implementation of controls can at this stage begin with careful considerations to implement each stage accordingly to provide full protection. During this process the people that need to be trained will then have to start their training.
- Integrate controls into operations – focusing on continuous monitoring and mitigation and weaving new processes into standard acquisition and systems management operations.
Factors supporting better security pro-activeness
- Prior knowledge – Organisations need to look at previous attacks, both internal and external, to be able to implement control measures against each unique attack. Include only those controls that can be shown to stop known real-world attacks.
- Prioritisation – Prioritise the defence mechanisms that will give you the most value. Stagger the purchase of the systems and acquire those that protect the most vulnerable parts.
- Continuous monitoring – Carry out continuous monitoring to test and validate the effectiveness of current security measures.
- Automation – Automate defences so that organisations can achieve reliable, scalable, and continuous measurements of their adherence to the controls and related metrics.