Weekly comment on the pressing IT issues.
Recently the website Information Age posed the question “If the worst happened and your business suffered a data breach, how would you handle it?”. This was a rhetorical question as they went on to outline some very sensible suggestions on a disaster response plan, especially around the topic of communication.
However, a lot of the other advice was centred around some of the basic methods that a business can take to prevent an attack occurring in the first place, notably passwords.
It has been known for a while that passwords, especially those of a non-complex variety, are cat nip to cyber criminals who will ‘crack and attack’ such technical shortfalls within seconds. Complex passwords, two-factor authentication and the deployment of digital certificates can all close these gaping holes in security with relative ease should a business wish to do so.
Most businesses would agree that taking such rudimentary steps is good governance, but many rarely get around to actually doing it, perhaps hoping that nothing more than good luck will keep them safe.
Luck may be running out if it’s not done so already, as Forbes magazine published their list of 60 cybersecurity predictions for 2018 on their website recently.
They are confidently predicting that 2018 will bear witness to more spectacular data breaches, such as the ones seen in 2017 where names such as Equifax and UBER have made headlines as the personal data of millions of their customers was compromised.
In their lengthy, but very readable piece, they discuss a wide array of scenarios from US government departments are becoming paralysed by nation state-sponsored hackers through to AI technologies as both a weapon and a defender.
For anybody working within the IT industry imagining such doomsday scenarios can make for fertile conversational fodder, but cybersecurity is ignored at one’s peril. Often it is seen as a problem that needs resolution, thus allowing a business to carry on as normal, whereas the reality is that it is more a continued and running battle against an ever-evolving foe.
To counter such fluid challenges SIEM (security information and event management) solutions are evolving beyond their log management roots and starting to incorporate machine learning and advanced statistical analysis into their offerings.
For those still considering if SIEM is the way to go for their business, the website CSO, from IDG, published an explanatory article that highlighted how this is rapidly becoming the tool of choice for CIOs who are demanding the highest level of detection and near real-time response. As CSO state, if a company gets hacked no CIO wants to have the board ask what happens and they have to admit that they don’t know!
The key deliverable with a SIEM solution is time, how fast can it help a business detect and respond to the threat landscape. However, like all software SIEM has limits and to be fully effective has to be supported by experienced staff and analysts. If not then many businesses who implement such a solution will find themselves chasing down a staggering amount of false alerts.
Cybersecurity advice, disaster response plans and future potential threats are plentiful, but perhaps the most succinct and salient response to the question posed by Information Age on “If the worst happened and your business suffered a data breach, how would you handle it?”, comes not from within the IT industry but from Benjamin Franklin, a former US President. He said, “By failing to prepare, you are preparing to fail” and any business that suffers a data breach has in fact failed.