How well do you know your company’s security posture? How protected are your devices, software, information and assets? How will you respond if you experience a cyber attack? How will you install patches to your mission-critical systems?
These are just some of the issues that businesses are currently facing. Cyber security can be daunting, but it’s less so if you’re adequately prepared and alert to threats.
Let’s have a look at 10 cyber security challenges that most businesses face.
1. Rarely knowing your precise security posture.
How well do you know your company’s security posture and how well can you detect and respond to attacks?
Networks, users, devices and applications are constantly changing and exposing vulnerabilities, so you need to continually monitor your network to gain an accurate picture of your current security posture and complete a risk assessment that identifies where you’re vulnerable.
Get a clear summary of the critical remediation steps to be taken to avoid any security breaches, and prioritise them so that those carrying the highest risk to your business come first.
2. Having an endless list of remediation tasks that are incredibly difficult to prioritise.
Once you’ve figured out your security posture, you’ll have a list of remediation efforts that need to be prioritised to ensure you deal with those that carry the majority of risk first.
Identify those assets that are critical to your business and fix those issues first so that your risk is reduced in the right place at the right time.
Continually test, protect & defend against any threats.
3. The constant worry that threats have bypassed your defences.
Cyber breaches happen every day to all kinds of businesses. Attacks are becoming more sophisticated and complex, and no one is immune – unfortunately it’s a case of when, not if.
Most businesses take nearly 6 months to detect a data breach and 69 days to contain it [IBM], so it’s possible that you’ve already had a breach and don’t know about it.
If you want peace of mind, you should consider monitoring your system in real time for threats and conducting routine assessments of potential vulnerabilities. That way you can detect breaches sooner, mitigate any damage and save money.
4. Dealing with emergency patching on mission-critical systems.
Attacks on critical systems are on the rise and emerging threats make it difficult to keep up to date with patching: 74% can’t patch quickly enough [Service Now + Ponemon Institute Study].
Mission-critical systems such as those in banking or healthcare can’t just be turned off to apply those patches because they can’t afford the downtime, and this makes them more vulnerable to attacks. Unpatched apps and software are the easiest targets for hackers who want to infiltrate a business; it’s one of the biggest threats to businesses currently. Fixes are readily available, but many companies aren’t applying them because it’s time-consuming, costly and difficult to prioritise: 65% of businesses say that it’s difficult to prioritise patches [Service Now + Ponemon Institute Study].
You need to ensure that patches are applied as soon as is reasonably possible, whilst avoiding the need for emergency patching, eliminating downtime in the process to prevent cyber attacks from impacting your business.
5. Fatigue caused by security information overload and false positives.
Security professionals constantly get alerts. Managing them is a huge problem, and they spend a considerable amount of time sorting through the false positives [50% or more of alerts are false positives]:
- 70% of security professionals have to investigate more than ten alerts every day
- 78% said that it takes over 10 minutes to look into each alert
- 83% of security staff have experienced alert fatigue
Having a system that alerts you to potential threats is a pointless exercise if you are unable or unwilling to investigate those threats. The future of detecting vulnerabilities lies in reducing noise and leveraging innovations such as machine learning so that those alerts can be dealt with quickly and prioritised accordingly.
6. Taking advantage of the cloud without exposing sensitive data.
Cloud computing has huge advantages such as business efficiency, competitive advantage and cost benefits, but it’s important that the data flowing to and from cloud services is secured. 66% of IT professionals say that security is their greatest concern when looking into adopting a cloud computing platform [LogicMonitor].
It’s usually the user, not the cloud provider, who fails to secure the organisation’s data. It’s predicted that by 2025, 99% of cloud security failures will be the customer’s fault [Gartner].
You need end-to-end data protection for your devices & apps wherever and however they are accessing the cloud, so that your sensitive data is secured.
7. Allowing users to work on any device they choose, from anywhere, as if they were in the office.
More employees are working from home now than ever before, and they want greater flexibility, including using personal devices for work.
Companies that introduce a BYOD policy save money and increase productivity: using portable devices saves employees 58 mins/day and increases productivity by 34% [Frost & Sullivan], so it makes sense to allow for this flexibility.
However, the increased risk of allowing employees to use their own devices is a cause of concern for business owners. 41% of data breaches are caused by lost or stolen devices, and six in ten (61%) small businesses have experienced a cyber security incident since introducing a BYOD policy, according to a study by Paymentsense.
To maintain compliance and security, make sure that your policies extend to endpoint devices.
8. Keeping on top of users with privileged access to systems.
Some employees, such as administrators, sometimes need more privileges than ordinary users, and that brings the potential for a higher security risk. That access needs to be controlled and managed, in particular because 74% of organisations that have had a cyber breach say that it involved access to a privileged account [Forrester Research].
Organisations should determine what rights and privileges users need to effectively perform their duties and implement a policy of ‘least privilege’. Those with privileged access should be given the exact level of privileges needed, when they’re needed, for as long as they’re needed, and then returned to a no-access-by-default state.
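As an added illustration (not from the original article), the sketch below models that policy: each grant names one exact privilege, carries an expiry, and every check falls back to deny. The `JitBroker` class, the privilege names, the 4-hour ceiling and the timeline are all assumptions made up for this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    user: str
    privilege: str    # one exact privilege, never a wildcard
    expires_at: float
    reason: str

class JitBroker:
    """Default-deny store of time-bound privilege grants (hypothetical)."""
    MAX_TTL = 4 * 3600  # assumed policy ceiling, in seconds

    def __init__(self):
        self._grants = []
        self.audit = []  # (event, user, privilege, time)

    def grant(self, user, privilege, now, ttl, reason):
        if not reason.strip():
            raise ValueError("a grant needs a recorded justification")
        if not 0 < ttl <= self.MAX_TTL:
            raise ValueError("ttl outside policy")
        self._grants.append(Grant(user, privilege, now + ttl, reason))
        self.audit.append(("grant", user, privilege, now))

    def revoke(self, user, privilege, now):
        """Return access early once the task is done."""
        self._grants = [g for g in self._grants
                        if (g.user, g.privilege) != (user, privilege)]
        self.audit.append(("revoke", user, privilege, now))

    def is_allowed(self, user, privilege, now):
        # Expired grants are dropped first, so access lapses on its own.
        self._grants = [g for g in self._grants if g.expires_at > now]
        ok = any((g.user, g.privilege) == (user, privilege)
                 for g in self._grants)
        self.audit.append(("allow" if ok else "deny", user, privilege, now))
        return ok

def demo():
    """Constructed timeline: times are seconds from an arbitrary start."""
    b = JitBroker()
    out = [b.is_allowed("dana", "db:restart", now=0)]        # no grant yet
    b.grant("dana", "db:restart", now=10, ttl=900, reason="TICKET-PLACEHOLDER")
    out.append(b.is_allowed("dana", "db:restart", now=60))   # inside window
    out.append(b.is_allowed("dana", "db:drop", now=60))      # other privilege
    out.append(b.is_allowed("dana", "db:restart", now=911))  # window over
    return out
```

The audit list records every grant, revoke, allow and deny, which gives reviewers the trail needed to confirm that privileged access was requested, used and returned.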
9. Knowing precisely what type of sensitive data you have on your network or in the cloud.
Securing sensitive data is a common issue for most businesses regardless of their size, but first they need to find their sensitive data! According to the Ponemon Institute’s 2020 Global Encryption Study, 67% of survey respondents say that discovering where the sensitive data resides in their organisation is their biggest challenge.
The same study found that more than half the respondents (58%) use cloud technology to transfer or store data whether it’s encrypted or not.
As a business you need to determine how sensitive your data is, who has access to it, whether you can see who has access to it and, most importantly, whether it is secure.
Start by searching through all your company data and classifying it by putting it into sections. Set tags on the data to indicate what sensitive information it contains and who can and should have access to it. Set access permissions on that data to ensure it’s secure, and finally set alerts to notify you if there is any unauthorised access or threats to your data.
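The steps above (search, tag, set permissions, alert) can be sketched end to end. This is an added example, not part of the original article: the two detectors, the tag names, the role policy, the file contents and the access log are all constructed assumptions, and real discovery tools use far more patterns.

```python
import re

# Simplified detectors; real discovery tools use many more patterns.
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")

# Assumed policy: roles allowed to read data carrying each tag.
POLICY = {"payment-card": {"finance"}, "personal-data": {"finance", "hr"}}

# Constructed sample data.
FILES = {
    "invoices/2024-03.txt": "Paid with card 4111 1111 1111 1111 by jo@example.com",
    "hr/contacts.txt": "Contact: sam@example.com",
    "ops/runbook.txt": "Ticket 1234 5678 9012 3456: restart the service",
}
ACCESS_LOG = [  # (user, role, path)
    ("alice", "finance", "invoices/2024-03.txt"),
    ("bob", "hr", "invoices/2024-03.txt"),
    ("bob", "hr", "hr/contacts.txt"),
    ("carol", "ops", "ops/runbook.txt"),
    ("carol", "ops", "hr/contacts.txt"),
]

def luhn_ok(digits):
    """Card-number checksum; filters out most random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def classify(text):
    """Return the set of sensitivity tags found in one document."""
    tags = set()
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            tags.add("payment-card")
    if EMAIL_RE.search(text):
        tags.add("personal-data")
    return tags

def allowed_roles(tags):
    """Roles permitted by every tag; None means the data is untagged."""
    return set.intersection(*(POLICY[t] for t in tags)) if tags else None

def alerts(files, log):
    """Flag each access by a role the document's tags do not permit."""
    perms = {path: allowed_roles(classify(text)) for path, text in files.items()}
    return [(user, path) for user, role, path in log
            if perms[path] is not None and role not in perms[path]]
```

The checksum step matters for noise: the 16-digit ticket number in the runbook matches the card pattern but fails the Luhn check, so it is not tagged and raises no alert.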
10. How to handle a security incident in the middle of the night.
More than 77% of organisations do not have a cyber security incident response plan applied consistently [IBM], meaning most are underprepared should the worst happen.
It’s essential that you put some guidance in place on how you would handle a cyber incident whether it’s discovered during office hours or in the middle of the night. If you have a good incident response policy in place it takes the pressure off when a cyber breach does actually occur.
The choice for your business is whether incident response cover is required in the middle of the night – is the nature of your business 24x7x365 critical, and are the extra costs necessary? Companies are deciding more and more that they want external help with their cyber security. Have a think about what would happen if you had an incident during the day that couldn’t be left overnight. Do you need to detect incidents out of hours so that they can be resolved before the next working day? Do you need weekend cover, and do you have enough staff?