Do we need to rethink cyber security?
By Peter French, Synapsys Managing Director
Two takeaways from the 2020 Acronis Cyber Readiness Report have left me scratching my head. First, 32% of companies reported that they haven’t been targeted by cyber attacks in the past three months. Compare that with the 9% of companies reporting hourly attacks, and 22% reporting daily attacks. Now consider that encountering an attack doesn’t mean the attack succeeded and, indeed, you can only block an attack if you know it’s there.
Personally, I’d rather do business with the companies that know they’re being attacked and are doing something about it than the three in 10 that think they’ve never been targeted. Not only have they almost certainly been targeted, but because they are unaware of this, criminals are lurking on their systems with impunity, learning and biding their time for maximum damage and/or profit.
The second takeaway from the report that caught my eye was that, according to Acronis Cyber Protection Operations Centre (CPOC) experts, corporate security policies and tools are still based on compliance rather than actual business or market needs. Take phishing, for example. Despite the increased sophistication and accessibility of cyber attack tools (ransomware as a service is available for as little as $100, and at $10 million per ransom, that’s not a bad ROI), phishing is still one of the most common tactics used by cyber criminals either as an end in its own right, or as a gateway to a more sophisticated attack.
And yet, as the report points out, there is no industry response to phishing. Even something as simple as a “Report this e-mail as phishing” link at the bottom of an e-mail, or blocking links from unverified senders, is not yet common practice.
Are we getting better at cyber security?
While this paints a fairly gloomy picture of the state of cyber security around the world – and according to Acronis, South Africa reports twice as many malware attacks as the global average – I don’t think it’s a case of us not getting better at preventing attacks. Consider how fast attacks have transformed and become more sophisticated since the days when a single corporate firewall was enough to protect your organisation. Today, those rows of stationary, wired-in desktop computers and mainframes have been replaced with smartphones, laptops, tablets and cloud computing, augmented by artificial intelligence, the Internet of things and all the other innovation that is driving digital transformation. On the one hand, we’re doing okay cyber security-wise.
But then also consider the dramatic rise in ransomware and other attacks this year and the fact that people are still the weakest link. It’s clear that more of the same is not going to be enough and that we need to do things differently.
This imperative is only going to increase as #workfromhome becomes #workfromanywhere, with employees bringing devices back onto corporate networks, and also expecting to work remotely. According to the Acronis report, South Africans are very much in favour of this, with higher percentages of respondents preferring an 80:20 remote vs office split, or a fully remote future.
How do we need to change our cyber security thinking?
One way is through the technology shift being driven by Acronis that combines data backup with cyber security. Of course I would say that, leading one of Acronis’s distributors in Africa, but the innovation really is elegant and almost obvious. Acronis’s cyber protection services reflect that, today, these functions go hand in glove. Not only does Acronis Cyber Protect allow organisations to restore their valuable data quickly and completely in the event of a breach, but it also ensures the restored data is malware-free to avoid reinfecting the system.
Our partners have already seen this in action when other cyber security services have failed to stop an attack and restore the data. And with ransoms reported as being as much as $10 million, if you’re looking for a way to show ROI on your security spend, this is how.
A single pane of glass
The second aspect of Acronis Cyber Protect that moves the needle is the single, integrated pane of glass that allows security administrators to see at a glance the state of the devices and networks on their watch. This saves time and effort, and the whole is also worth more than the sum of the parts. A single system is able to make valuable connections between various metrics and trends to produce insights that disparate systems would need a lot of MacGyvering to even come close to.
This freed-up time could, I’d suggest, be used by infosec teams to proactively enable their organisations, freeing them from the historical role of reactive enforcers.
Another paradigm we need to shift (and this is something I currently don’t have an answer for) is tackling the human element and education around cyber security. Despite the best efforts of training programs, humans are still the weakest link at work, at home, at their favourite coffee shop and in the hot-desking environment they choose to work from.
Humans are obviously humans, and are prone to mistakes, especially when stressed, tired, under pressure or doing repetitive tasks. And while it’s obviously not up to infosec to fix the state of the workplace, this does point to a wider responsibility for cyber security in the organisation. Consider physical security: it’s up to everybody from the C-suite down to safeguard the office and each other and, say, not let unauthorised people onto the premises. Why should cyber security be any different?
I do think, just like the “report phishing” link at the bottom of an e-mail, there are human-centred interventions that we need instead of, or as well as, the traditional top-down cyber security education. Interventions that don’t impede people’s workflow and efficiency, but build prevention, protection and awareness into everyday activities. So that, ultimately, cyber security truly does become as ingrained as something like road safety.
A last word
For cutting-edge insights, I highly recommend registering for next week’s Acronis Global Cyber Summit (virtual) – you’ll have access to hands-on interactive workshops, informative breakouts, inspiring keynotes, and the opportunity to meet some of the most successful MSP experts and cyber protection practitioners in the world.