Sponsored by:
Produced by:
Ben Azvine
GLOBAL HEAD OF SECURITY RESEARCH
Do enterprise businesses take cybersecurity seriously enough?
Over the next few years, enterprise businesses simply have to get better at cybersecurity. Long gone are the days when a cyber threat was a fifteen year old child sitting in their bedroom, seeing what businesses they can hack into for fun. Cybercrime is now a seriously organised criminal affair, with full supply chains of attackers providing expertise and knowledge. You can even purchase malware on the internet now, eliminating the need for any coding knowledge! Whilst most cyber attacks are still launched with the aim of extracting money from an organisation, there are an increasing number of ideological attacks occurring as a form of protest against ‘big business’.
Alongside understanding external threats, enterprise businesses also need to get better at understanding internal threats. The adoption of new technologies in enterprise businesses is rapidly picking up pace. Many organisations are adopting new technologies without taking the time to think about the security implications they may bring, and as a result are making themselves more vulnerable. The Internet Of Things (IoT) is a very good example of this. The business case for deploying IoT is very strong, but many enterprise businesses are failing to consider the additional threats that they will be exposed to as a result.
Cybercrime is now a seriously organised criminal affair, with full supply chains of attackers providing expertise and knowledge.
AI can detect cyberthreats within seconds and with the right automation can eliminate the threat in a tiny fraction of the time it would take for a human analyst to do so.
What threats do enterprise businesses need to be aware of in the immediate future and how can they be overcome?
There are main threats that enterprise businesses need to be aware of in the immediate and near future. The first is ransomware - encryption technology that, ironically, protects your data and prevents you from accessing it unless you pay a significant sum of money to unlock it. The second major threat is supply chain attacks. It’s no longer enough to have good security practises yourself, you also have to ensure that you work with businesses who have good security practices in your supply chain. A supply chain attack will affect the entire supply chain, and the initial victim is not the intended final victim of the attack. The supply chain actually does the job of spreading the malware on behalf of the attackers.
To overcome these threats, businesses need to utilise AI. AI can detect cyberthreats within seconds and with the right automation e.g. human-in-the-loop or human-on-the-loop automation can eliminate the threat in a tiny fraction of the time it would take for a human analyst to do so. Alongside this, adopt a Zero Trust policy with novel Continuous Authentication technology to ensure that anyone or anything that connects with your network doesn’t pose a threat. The principle of “Don’t trust, always verify” should also include all of your suppliers and any cloud storage solutions you utilise.
With a lack of specialised cybersecurity staff, where should enterprise businesses prioritise their cybersecurity efforts?
In reality, enterprise businesses are never going to have enough people in their cybersecurity teams to adequately protect the organisation. Because of this, education and training of colleagues across all other business departments is absolutely essential to minimising the risk of cyber attacks. More often than not, cyber attacks have been caused by a simple mistake such as an individual clicking on a phishing email or using a weak password. Having a focus on education and training beyond your security teams will help to minimise the occurrences of these individual mistakes - make it be seen that cybersecurity is everybody’s responsibility. To identify who needs training as a priority, create your own phishing emails and send it out across the business. Anybody who clicks on a link on that email becomes your first priority for training!
Education and training of colleagues across all other business departments is absolutely essential to minimising the risk of cyber attacks.
BT are one of the world’s leading communications services companies. Their solutions are integral to modern life, connecting people all across the world in a secure and accessible way.
