Keeping up with cybercrime
Dealing with malicious attacks on IT systems has unfortunately become an unavoidable feature of today’s business environment and the importance an organisation places on combating cybercrime, more often than not, dictates how effectively it is able to respond to an attack. The Ponemon Institute recently released research, sponsored by HP, which surveyed 41 organisations across a number of sectors on the impact of cybercrime. The results showed a 45% increase in successful attacks compared with the previous 12 months, with the annual cost to companies responding to those attacks ranging from US$1.5 million to US$36.5 million. Even without such a survey, the recent spate of high profile attacks publicised by the media should serve as a clear warning to organisations that security must become a priority. A snapshot from just June to July 2011 shows reports of successful attacks on such names as Sony, Citigroup, the IMF, Sega, Gannet Co, The Washington Post, Booz Allen Hamilton and NATO. Cost saving opportunities While the Ponemon Institute’s study found detecting and recovering from attacks were the most costly internal IT activities faced by organisations, there was something of a silver lining. The Institute also identified significant opportunities for cost-savings if organisations adopted automated detection and recovery systems through modern security technologies. The use of Security Information and Event Management (SIEM) solutions proved an effective tool for reducing the time taken to identify and address attacks, resulting in big cost savings and improved security. SIEM solutions log the records generated by any and every device connected to a company’s network and analyse them to detect security threats. Such solutions are becoming more advanced and are able detect many discrepancies, at which time they either signal the administrators or simply block the perceived threat from gaining access. For example, if an employee number appears on the system trying to log into the VPN from Beijing, while they are also showing up as present at the company HQ in London, red flags will go up. This early detection has been proven to mitigate the impact of cyber attacks substantially, increasing security and reducing the (not unsubstantial) costs associated with cleaning up after a breach significantly, as breaches are picked much earlier. There is an even greater onus on organisations to place more focus on the importance of security to provide assurance to stakeholders, partners and clients. By acknowledging the growing risk of cyber attacks, an organisation can then take steps to further boost protection. Simple actions such as identifying where an IT system is vulnerable, or the most common methods used to breach systems, enable a company to prioritise spending in those areas requiring urgent attention, ensuring the maximum return on investment. However, this is easier said than done as there remains a reluctance among companies to increase investment of time and money toward security issues. Among those 41 companies who responded to the Ponemon Institute survey, 67% reported an increase of successful attacks, but just 35% said there had been an increase to their investment in combating security threats. A further 43% said their budget was ‘inadequate’ for managing such threats, preventing investment in either technology or skilled staff. Developments in technology have allowed more company data to be stored online than ever before and the explosion of mobile devices has lead to the creation of new ways to access this data. Organisations cannot afford to ignore the risk of cyber attacks and as the attackers grow in number and sophistication security systems must be bolstered accordingly. Put simply, it is not a curve you want to be caught behind.