Four innovative ways to tackle the security conundrum
Security

Four innovative ways to tackle the security conundrum

If there’s one thing that many businesses fear, it’s being targeted by cyber criminals and having their technical infrastructure compromised. According to a report from Lloyd’s of London, global cyberattacks can end up costing anything from $4.6 billion to $53 billion.

The insurance giant compares global cyberattacks to natural disasters like hurricanes, creating similar financial damages. Meanwhile, statistics from the UK Government claim that half of British businesses have been hit by a cyber breach or attack in the past year. Many of these firms have reported loss of files and corrupted systems.

Companies are hot targets for hackers, who see an opportunity in getting hold of lucrative business and customer data. But when hacks occur, it’s not just money firms are losing. Internal efficiencies are also damaged, not to mention reputational damage if customers become victim.

Luckily, businesses are beginning to take action. Technology research specialist Gartner predicts that spending in the cyber security arena will reach $98 billion in 2018, a sign that companies are taking this epidemic seriously. And in many cases, they’re showing a sense of creativity when it comes to implementing effective solutions.

 

Monitoring the dark web

Digital Shadows is one of many companies developing pioneering technologies in the cyber security sector. It’s developed a service that monitors criminal forums (including the dark web) for evidence of activity against that company. So if business data such as passwords, financial information and intellectual property were to end up for sale online, firms would be able to take action.

According to the company, when firms get breached, they don’t recognise that they have for around nine months. This means that if a company like Digital Shadows can find evidence, then the breach can be shut down and damage mitigated. Michael Marriott, research analyst at the company, says this technology can transform the way businesses approach cyber security.

“The cybercriminal has the advantage of surprise and stealth. They can spend months scoping out targets, identifying weaknesses and when they do infiltrate a network it takes an organisation, on average, nine months to detect a data breach. If we can minimise this window then we can minimise the damage,” he says.

“Keeping up with cyber criminals means understanding their methods and how they collaborate. For example, it is possible to gain intelligence and find out what threat actors are talking about on criminal forums. If they are looking to target a particular system, application, or client then action can be taken to prevent an attack.

“If breach data is being sold then (for example) user names and passwords can be shut down and customers alerted. Sometimes breach data ends up on paste sites and it’s often possible to automate the process of getting this taken down. This approach is known as digital risk management and key to protecting organisations and communities from the security and privacy risks of the next wave of the digital economy.”

 

Focusing on employees

Often, when it comes to approaching cyber security, companies employ specialists to ensure they have the best practices in place. But many cyber criminals are beginning to target employees, and often they’re not aware of the risks. PhishMe, another leading cyber security firm, believes that companies need to involve staff in fighting hackers.

Aaron Higbee, PhishMe co-founder and CTO, says companies are more effective at responding to cybercrime by working with their employees. “Conditioning employee behaviour is essential to transforming employees from a risk factor into a security asset, and many companies see this as the goal of their cybersecurity initiative,” he tells us.

“When employees can spot phishing attacks and feel empowered to report them, a stream of intelligence is created that can produce powerful visibility on attack patterns and malware strains, helping speed incident response and prevent potential attacks.

“The success of this process lies also in the gamification of the phishing experience, and the integrated nature of its deployment. It’s a game employees forget they’re playing until they lose, and which they learn from when they do.”

 

Cutting through the data noise

Based in New Zealand, Endace is also developing innovative technology and creative approaches for the cyber security sector. It acts as a CCTV camera for corporate network traffic, working with a client base that includes everybody from famous government agencies to four of the top 10 FTSE 100 organisations.

Cary Wright, VP of product management at Endace, says this technology can streamline operations for key decision-makers: “Today, CISO’s are trapped in a vicious circle. The number of security alerts and events being detected are increasing by the day, the consequences are escalating and the available talent to remedy the problem is in short supply. As a result, critical alerts that may give early clues to a breach are going unnoticed.

“To gain an edge, creative CISO’s are investing in tools that accelerate investigations with greater accuracy. By doing so, they are reducing the growing pile of security alerts that need to be reviewed and simultaneously increasing the amount of time to deal with the ones they need to. Just like treating an illness early can lead to better prognosis, getting to the important alerts earlier can often stop an assailant before they find the critical data.”

 

Putting an emphasis on training

Ensuring that there’s enough fresh talent in the cyber security world is crucial in fighting online criminals, and London-based start-up Immersive Labs is using cloud technology to make this happen. It’s created a platform aimed at accelerating assessment and training in cyber security.

How is the industry gradually responding to the cybersecurity skills shortage? Check out: Critical lack of skills could be the biggest security challenge

The Digital Cyber Academy, which launched in Canary Wharf, encourages full-time students around the world to develop cyber skills by taking part in real-world exercises. There are online cyber labs and global leader boards that can be used by employers and recruiters to fill the cyber security skills gap.

Robert Hannigan, ex-director of GCHQ, says: “Identifying, developing and measuring practical cyber security skills is the great challenge for all companies today. The Immersive Labs approach is the most exciting thing I've seen in this space: scalable, agile and appropriate to the way a new generation learns. It has the potential to disrupt and transform this crucial market.”

During the launch event, company founder James Hadley said: “We have acknowledged that academic background has little bearing on an individual’s ability to develop much sought-after cyber skills. The Digital Cyber Academy will enable millions of students to develop knowledge and hands-on skills, allowing them to be recognised as highly cyber skilled by potential employers. We’re looking forward to building a community of cyber security talent from around the world, on a single platform.

Cybercrime is growing rapidly, and it’s clear that many businesses are struggling to stay ahead of hackers and other online criminals. While the threats keep evolving, they need to invest in the latest technologies and think out of the box to keep themselves and their customers protected.

PREVIOUS ARTICLE

«What do users really think of All-Flash Arrays?

NEXT ARTICLE

Is upskilling the obvious answer to the IT shortage?»
Nicholas Fearn

Nicholas is a technology journalist from the Welsh valleys. He's written for a plethora of respected media sources, including The Next Web, Techradar, Gizmodo, Lifehacker, TrustedReviews, Alphr, TechWeekEurope and Mail Online, and edits Wales's leading tech publication. When he's not geeking out over Game of Thrones, he's investigating ways tech can change our lives in many different ways.

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should the government regulate Artificial Intelligence?