by Bharat Mistry
We all know the UK is under attack on an unprecedented scale. A government report from 2016 claimed two-thirds of large businesses had been hit over the past 12 months. The launch of the National Cyber Security Centre will help, of course. But for IT and business leaders looking to craft an effective cyber response, it’s vital to know what’s actually happening on the ground. That’s why Trend Micro recently interviewed hundreds of decision makers on the IT coal face. With their feedback, we produced a report which will help to reveal the scale of the problem facing firms, their key cybersecurity challenges, major areas of weakness, and what IT teams are doing to respond.
We found that the vast majority favour a coordinated, multi-layered approach featuring advanced security tools from a single, established vendor.
A cyber barrage
It’s clear from those we spoke to that today it’s not a case of ‘if’ you’re successfully attacked but ‘when’. Nearly half of respondents (48%) said they’d suffered a major attack over the past 12 months and over a quarter had experienced more than three attacks. Why is lightning striking several times in the same spot? Because it can. It’s clear organisations are struggling to mount an effective defence of key data and systems and the black hats are only too ready to take advantage.
Unsurprisingly, ransomware and phishing were the most common attack types. But going forward things are changing. Just 8% flagged ransomware as a potential concern for 2017, suggesting messages around security best practices are getting through. But fears over targeted attacks, phishing and cyber espionage persist. These challenges are inextricably linked. And even with improved staff training, attacks can be difficult for employees to spot. So, it becomes even more important to find tools which not only stop malware at the door, but can also spot threats that have made it onto the network as soon as possible, to minimise their impact.
The right blend of technology and policy will also help IT leaders combat what they revealed to be their biggest challenges: a lack of understanding about cyber threats; the unpredictability of hackers; and the fast-moving nature of the threat landscape.
Layer upon layer
In a modern organisation every endpoint represents a potential gateway for hackers. It’s a fact acknowledged by respondents, with two of the top three threat sources given as unsecured public Wi-Fi (14%), and inadequate device security (12%). These endpoints will continue to grow as the IoT gains an ever stronger foothold in organisations. Gartner claims 3.1 billion connected things will be in place in businesses globally by the end of the year.
So what’s to be done? IT leaders we spoke to claimed the mobile threat could be mitigated via things like improved staff education, enforcement of compulsory security on devices, and only allowing staff to choose from a list of pre-approved devices. Undoubtedly these will help, and IT bosses would do well to combine rather than cherry pick such approaches.
But perhaps the biggest takeaway from the report is the overwhelming support for advanced security tools as part of a layered approach. Nearly two-thirds (64%) of IT leaders said advanced security is effective at preventing cyber attacks, and many are already using or planning to incorporate tools like behavioural analytics and machine learning in the future.
UK firms may be faced with a seemingly endless barrage of threats from cyber space, but help is at hand. To find out more, read our new report here.