Comprehensive Cyberattack Protection

By Jing Ertl-Yang

The world is digitizing - this trend covers a very different kind of businesses starting from medical treatment to restaurants and industrial plants and the speed of the trend has an exponential growth. This digital world trend is particularly relevant in the current time - quarantine implies the ability of business to adapt and be able to establish processes of virtual communication with customers and employees within the company. Thus, companies are increasingly succumbing to threats of being attacked by cyber scammers.

While enterprises are becoming increasingly concerned about this issue and are taking measures to control and reduce the risk of cyberattacks, the number of attackers is growing much faster than companies have time to hire additional strength to combat penetration. According to McKinsey's experts, there is a growing time gap between time to exfiltrate and time to quarantine in favor of the attackers, which is interpreted as hackers infiltrate and harm the company faster than the cyber security react to them.

Another feature of cyber security-related issues is the most common type of attack is very elementary like phishing, which accounts for about 80-90% of attacks. The range of attackers is very wide and represents both nation states with their cyber weapons and small groups of people or individuals using the black network to buy the attack code.

Nevertheless, it is important to understand that you cannot be 100% safe from cyberattacks, but you can prepare for them and be able to manage the risks and possible threats. Among the great variety of companies attackers will come to those that are more exposed and unprepared for surprises. Accordingly, it is important for professionals responsible for cybersecurity, like CISOs or CIOs, to be open to dialogue and exchange experiences with colleagues from different business areas or even build on strategic security partnerships.

One of the ways to solve the problem McKinsey's experts suggest building a model of digital stability inside the company - design of internal business processes in such a way that key information assets would be protected. Six critical actions can be taken to achieve digital resilience.

  1. It is worth understanding the close relationship of such elements as intrusion detection, identification and access control processes, data protection, etc. The more these blocks are interconnected and locked, the harder it will be to retrieve the sensitive data. At this stage, it is important to identify potential risks and access them not only addressing existing protocols, personnel, and tools but also governance, controls, the security architecture, and delivery systems.
  2. The next step will be to build a simple and achievable cyber security plan, covering 3 types of mechanisms: elements of business process management (changes to end-user behavior and business processes beyond IT), broader IT controls (changes to the IT architecture as a whole), and cybersecurity controls (the discrete technological changes designed to protect information, such as encryption, I&AM, and security analytics).
  3. This is followed by several operational processes, such as updating the security policies of passwords and access rights or reviewing the security architectures of applications. It may also be necessary to review the reporting system on cybersecurity issues and to improve skills and attract new workforce.
  4. It is important not to operate with abstract figures of the company's inclination to cyberattacks but to prepare several concrete options to represent risk reduction and resource levels.
  5. A comprehensive cybersecurity plan prepared at this stage should consider the internal features of the company's technology. Take time to rethink company's most important assets and business risks and then tailor its cybersecurity protections to meet them specifically.
  6. High cybersecurity costs may not necessarily reduce risks. It’s important to control these issues at a senior level that engagement must not only be sustained but also reinforced through clear actions and the inclusion of cybersecurity objectives in the senior team’s evaluations and incentives.

As the number of cyberattacks grows and the sophistication of the attackers increases, the issue of cyber protection and security comes to the fore. Nowadays, this is an increasingly serious issue that requires a comprehensive approach to manage and continuously monitor potential risks. It is crucial for CISOs and other professionals specializing in this issue to be aware of current trends and protection measures. Continuous communication in the IT community and sharing experiences with industry colleagues can be a great opportunity for new ideas.