Cyber security is one of the biggest growing concerns in the UK business world. While many organisations have been making the effort to get smart recently, the bad guys have always been one step ahead. Studies of business cyber security has shown that current improvements, while taking great steps forward, have not been keeping pace with the growing sophistication of motivated hackers. So how could you possibly keep up?
The problem with many businesses current approach to cyber security is that it is incredibly fragmented, with a focus on providing individual solutions to individual problems, rather than an overall holistic approach to security. This results in considerable gaps within the cyber security net that are more difficult to see – to the point where more than half of business execs admit that it usually takes them months to detect a targeted attack and breach of their systems. But in order to be truly protected against cyber-attacks, you need to view the system as a whole, not just a series of moving parts.
Cyber security expert Kelly Bissell explains that successful cyber security needs to ‘protect the most important business assets of the organisation from the inside out and across the entire industry value chain, from the oil rig in the North Sea to the petrol pump on the forecourt.’ This doesn’t mean that you need to throw a pile of money at the most expensive systems around – that won’t necessarily make you any safer. Instead business owners need to be surgical in their approach and apply security technologies to their most important assets. In order to do that, they need to understand what they need to protect, and why.
So take a step back, look at your business and think about what information you handle, and how that could be valuable to someone else. This will help you lay out what your key assets are that need protecting, and establish how you can protect them. It’s a bit like chipping away at an iceberg – you need to examine the whole to figure out how to tackle the smaller parts. In order to do this, you might need to bring in an external expert, like us, to help you see weaknesses you never even knew where there, and provide a fresh, impartial perspective to your security. Through probing, white hat hacking and extensive tests, third party security vendors can expose weaknesses and provide bespoke solutions.
The most important part of this entire process is thinking like a bad guy. Understanding what types of information could be useful will help you understand what needs the most protection, and establishes a list of priorities. So imagine you are a cyber-criminal looking to steal identities. You need to get your hands on names, addresses, telephone numbers, credit card details and personal information. While you may not be able to get all of what you need form one source, by hacking into a business database you can find 90% of what you need, leaving you with a small amount of leftover legwork to do. Now think about where that information is stored within your business, and how it can be accessed. If you can, try to figure out how you would access that information from the outside, and then work backwards from there.
At All Your Computers, we specialise in helping you understand where the gaps are in your cyber security and plugging them for you. With our expert advice, your business can be more secure against cyber attack and malware infections, without breaking the bank. For more information, get in touch with us today and book your free consultation.