Why we must assume that a hacker attack WILL happen

With cyber-attacks on
the rise, smaller businesses need to stop hoping they’re not at risk and start
assuming that they will be subject to a breach – it’s just a matter of time

The reality is not a day goes by without a cyber-attack getting mentioned in the news, but according to Internet service provider Beaming there are 66 hacker attacks in the UK per hour – or 1,584 per day – so the media coverage barely scratches the surface. We all seem to be aware that using technology comes with risks and yet, in 2019, three
quarters of UK firms were deemed to be “novices” in terms of their cyber
readiness.

Being subject to an attack is costly, more so now since the introduction of GDPR, with the average loss from a breach now reported at $369,000
(£280,434), an increase of 61% from the year before. With this knowledge, it’s imperative that businesses ensure their infrastructure is watertight – but it’s no longer enough to be cybersecure, you have to be cyber resilient too.

You can’t have one without the other – cyber resilience is a counterpart to cybersecurity, not its opposite. Though the two overlap, cybersecurity focuses more on reducing the risk of an attack from happening, whereas resilience places a larger emphasis on keeping your business operational during an attack, and recovering from it. The statistics above show that the volume of attacks is extremely high, which is why those that work in the industry assume that eventually at least one hacker attempt will get through.

To some it may be viewed as a pessimistic approach, but the threats we face are changing all the time and will continue to do so as we become more and more reliant on technology. It’s almost a game of ‘cat and mouse’ – hackers evolve their methods, businesses adapt, and then it changes again and suddenly we have to find new solutions to new problems.

So how can you build a cyber resilience strategy which will enable your business to stay as functional as possible during such a disruptive event? Here are five top tips:

1. Get everyone involved

It’s not just your IT departments’ job to ensure the online safety of your business, everyone should be trained in the importance of both cybersecurity and cyber resilience and why it matters. Cybersecurity training will focus on educating employees on the different ways hackers can get access to valuable company information (i.e. email phishing), what to look out for and who to raise any suspicions with – no matter how big or small those suspicions are. Resilience training will involve everyone knowing how the business will continue to operate, should it come under attack.

2. Protect your critical systems

Being cyber resilient requires preparation, below are four useful techniques to protect your critical systems from being affected by a cyber incident:

1. Realignment – Minimise the connections between critical and non-critical systems, reducing the probability that a non-critical system breach will spread to a critical one.
2. Access Control – Restrict critical systems access solely to those who need it to do their jobs.
3. Redundancy – Where possible, have backup critical systems with separate protections in place.
4. Segmentation – Segmenting your network according to importance and trustworthiness will prevent a breach from affecting your entire system.

3. Develop an effective incident response plan

The characteristics of a cyber resilient system can be broken down into four phases, according to The National Cyber Security Centre. The phases are:

2. Prepare (through preventative security)
3. Absorb (reducing the risk of an incident escalating)
4. Recover (developing and executing an incident response plan)
5. Adapt (not only after an attack but also to the ever-changing landscape)

Business leaders should first look at their own internal structures and processes to determine where there could be any weaknesses. From there, there should be a thorough plan for each of the four phases above – this will most likely involve input from a number of teams.

4. Run Simulations

Simulate a company-wide security incident at least once per year. Run through the steps your business will take in the event of a breach or attack to see how well your plans work out.  Exercise in a Box is an online tool from the NCSC which can help you to test and practise your response to a cyberattack. This will allow you to iron out any kinks in your plans, so when a real life event occurs you won’t be caught off guard.

5. Review and adapt

This step is crucial, your cybersecurity and cyber resilience governance strategies must be reviewed on a regular basis as your business grows and develops new weak points. Previously implemented measures may need refreshing to ensure they remain in line with your legal and regulatory requirements; this will likely require board-level commitment and internal auditing. New weaknesses will also open up as hackers employ more sophisticated attacks to get access to sensitive information. As mentioned earlier, people can be your strongest defence, but they must be trained up and informed of any developments if they’re to help detect any potential threats.