IT security doesn’t just mean preventing attacks from occurring, it also means being able to respond as quickly as possible if something does happen. Many companies rely on standalone solutions, which lead to delays and fail to ensure a continuous overview of threats or end-to-end communication. Comprehensive, modern security is the best way to get maximum protection.
Emotet is the latest trojan to cause serious damage to companies and government authorities, in a clear sign that the hacking scene is alive and well. Web criminals will exploit any and all vulnerabilities to infect entire networks, paralysing them. The easiest way to target victims and gain entry is e-mail, which is used in most cyber attacks even today. “Eighty to ninety per cent of all attacks begin with an infected e-mail. It doesn’t matter the industry or how large a company is, corporate groups are just as affected as microbusinesses,” explains Dirk Eberwein, a pre-sales security consultant at Bechtle.
Not everyone, however, has fully understood this reality. Smaller companies in particular often still assume that their niche position shields them from attacks. That’s patently false, as Mr Eberwein emphasises: “Hackers today will exploit any vulnerability. Often they sidestep the large companies and go straight for, say, a small auto supplier so they can then also infect the bigger car manufacturer downstream. In the end, hackers always find the weakest link in the chain and target it.”
Dirk Eberwein, Presales Security Consultant
To minimise such vulnerabilities, companies and government authorities must overhaul their IT security strategy as traditional approaches often fall short in today’s age of intricately connected technology. “The first key step is to create visibility within your company network. Specifically, this means knowing, for example, exactly which devices are on your network, who uses which cloud services, whether these services are even permitted and which applications are used. This is the only way you’ll be able to detect that something’s amiss in your network—if you can’t see it, you simply can’t fight it,” explains Mr Eberwein. Smart security solutions are useful in this area.
Time is another major factor. It's critical that companies react quickly to limit the time between attack, discovery and containment. “This will help prevent the actual malware from being uploaded following the initial infection, for example, thus preventing widespread data siphoning,” clarifies Mr Eberwein.
What’s important is to scrap the “best-of-breed” approach, prevalent in the past few years, which consists of picking the best solution in each area. Companies end up having to implement and manage too many solutions from different providers. “The problem with this is that there’s no context sharing, meaning the solutions can’t communicate with each other. Not to mention that IT staff is overwhelmed, since they aren’t able to fully understand the intricacies of every solution,” continues Mr Eberwein.
In future, consolidating individual vendors will become the key to ensuring an integrated security architecture, thereby laying the groundwork for optimum protection. “Cisco Security offers not only standalone solutions but also an entire architecture. The benefits are obvious: their solutions communicate with one another, threats are quickly identified and companies are able to respond immediately,” says Mr Eberwein .
Many companies rely on a motley assortment of standalone solutions from various vendors, resulting in slow communication and poor oversight. What should be done in this case? “The first thing to do is take a step back. Using a cyber security assessment, Bechtle can help customers gain an overview of their network to see which solutions they already use, which ones communicate with each other and how they can be consolidated,” explains Mr Eberwein.
In addition, many companies lack any sort of process for responding to cyber attacks. Aside from the technical considerations, an organisational plan specifying whom to alert and when, and where to report an attack, is crucial for a swift, legally complaint response. “Companies need to rethink their approach now instead of waiting for an emergency to act. That’s why we work with Cisco to provide comprehensive support to our customers, helping them protect their most valuable business asset, data.”
Presales Security Consultant
Get the best from the Bechtle update every two months directly into your mailbox. Click here to register:
Published on Feb 20, 2020.