Cyber security criminals outspend businesses in security battles

Cyber security criminals are spending 10 times more money finding weaknesses in the cyber defences of organisations than the organisations they target are spending on protecting against attack.

Cyber security criminals are spending 10 times more money finding weaknesses in the cyber defences of organisations than the organisations they target are spending on protecting against attack.

Research from Carbon Black carried out in August also asked 250 UK-based CIOs, CTOs and CISOs about the attacks they faced over the past 12 months.

In total, 92% of UK businesses have had cyber security breaches in the past year and nearly half off those reported falling victim to multiple breaches (three to five times in the past year).

A total of 82% of respondents said they have experienced more attacks this year than last year. In the financial services sector, 89% said this is the case, while 83% of government organisations and 84% of retailers had also experienced an increase in the number of attacks.

Malware was the most common attack on the UK organisations surveyed, with about 28% experiencing at least one such attempted breach. Ransomware was the next most common, with 17.4% reporting at least one attack.

“Following a global trend, cyber attacks in the UK are becoming more frequent and more sophisticated, as nation state actors and crime syndicates continue to leverage fileless attacks, lateral movement, island hopping and counter incident response in an effort to remain undetected,” said the report. “This issue is compounded by resources and budgeting. Not only is there a major talent deficit in cyber security, there is also a major spending delta.”

The report found that IT leaders believe Russia and China to be the source of the vast majority of cyber attacks, but it identified North America as the starting point for more attacks than Iran and North Korea combined.

If you want to save yourself stress, money and a damaged reputation from a cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139

How SMEs can outsource cyber security issues to a Virtual CISO

Top things Small Businesses SMEs should consider when outsourcing cyber security to a Virtual CISO.

 

Outsourcing cyber security operations to a Virtual CISO (Chief Information Security Office) is not only possible, but highly attractive – especially in the face of increasing complexity, the continual evolution of the cyber threat and the current shortage of skilled cyber practitioners.

However, there are some elements that Small Business SMEs and businesses cannot do – outsource the associated business risks and regulatory responsibilities, such as those under the General Data Protection Regulation (GDPR).

While Service Level Agreements (SLAs) governing security services will exist, suppliers are unlikely to provide unlimited liability for consequential losses as the result of a cyber attack, or privacy breach.

You therefore need to be able to make judgements on the services you are being provided and make informed decisions on what is sensible to outsource for your business.

At a business level a CISO will need to retain overall control and management of the organisation’s security policy, disaster recovery, regulatory aspects such as GDPR and high-level incident and media management, but it would be perfectly feasible to outsource the underlying support – such as the actual incident response and aspects of disaster recovery.

However, a full time CISO may not be affordable for small to medium enterprises (SMEs), so an alternative solution that is growing in popularity is to employ a “Virtual CISO”.

These are skilled and experienced CISOs who can provide independent support, to ensure regulatory requirements are being met and that outsourced providers are fulfilling the necessary service levels, at a fraction of the cost of a full-time employee.

Typical security services that can be outsourced include protective monitoring, vulnerability management, firewall management, antivirus etc. How you decide to outsource may depend on whether you already outsource your IT provision or if you use cloud services.

The current trend amongst SMEs is for cloud-based solutions, as they lower the overhead of having your own IT and security management teams, especially when using storage and software services as security controls – like patching and back-ups – are included in the subscription.

Deciding what to outsource to a Virtual CISO is often driven by the need for specialist staff (who are currently in high demand), threat knowledge and the practicality of maintaining your own capability.

As illustration, on occasion you may need an incident response team of several experts covering incident management computer forensics, network forensics, malware analysis, etc. But having these professionals on the payroll full-time, “just in case”, would be too expensive, assuming you could retain their interest.

Also, effective protection depends on a good level of up-to-date threat intelligence,  so unless you have specialists engaged in threat hunting and gathering threat intelligence, it will be difficult to defend your systems. Incident response and security monitoring, closely followed by vulnerability monitoring, are therefore the first things to consider.

Patching, firewall management and access management are more routine, so may be kept in house, but if this is the case, any protective monitoring provider must be aware of the current configuration to meet their SLAs.

So if you want to save yourself stress, money and a damaged reputation from a cyber incident with affordable, live systems protection please ring us now on 01242 521967 or email assist@cyber139.com or complete the form on our contact page NOWContact Cyber 139