I visited Land Rover Experience for Thrive & Fortinet’s Cybersecurity Briefing last Thursday, and I thought it would be useful to take you through some of my key takeaways from the event.
What is the cybersecurity culture of your business?
Cybersecurity culture is defined as a business’s knowledge of and attitude towards cybersecurity.
Naturally, this is something that will differ dramatically from business to business. Culture is often determined by the industry the business operates within. For example, with our eCommerce and retail work, the handling of customer personally identifiable information demands that a high value be placed on cybersecurity.
It was highlighted that the biggest challenge in cybersecurity is one of apathy; many businesses do not believe that an attack will happen to them, leading to a passive culture, one of indifference.
The Ponemon Institute surveyed hundreds of IT security professionals, revealing that employee negligence is the leading cause of data loss incidents (40%). So it’s critical that an aware and engaging cybersecurity culture is instilled in all businesses, particularly those that use IT to operate.
Establishing a strong cybersecurity culture through people, process and technology
People
One in three employees say they do not understand the importance of cybersecurity, so the change needs to start with the workforce.
How does a business ensure that its people are aware of:
- Different online threats relevant to their field of work
- The critical nature of cybersecurity relative to their success
- The processes to report on and combat online threats
Process
Does the business have clear, well-documented processes for:
- Identifying online threats
- Documenting and elevating online threats
- Combatting online threats
- Reviewing and learning from online threats
- Sharing knowledge across the business
Technology
Is the business investing in the right tools and technology to equip its people with everything they need to combat online threats?
Monitoring cybersecurity performance through trackable metrics
With the growth in the rate of feature development in ever-evolving software platforms, businesses need a corresponding increase in security enhancements.
Regular auditing of their cybersecurity setup should be a process. Cybersecurity metrics provide business-as-usual data for businesses to decide whether they need to enhance their security.
These include, but are not limited to:
- Security incidents
- Intrusion attempts
- Unidentified devices
- Uptime and downtime
Mean-time metrics
These metrics focus on the time it takes to measure certain aspects pertaining to an online threat.
Mean-time-to-Detect (MTTD)
The time it takes a cybersecurity team to detect a threat or data breach.
Mean Time to Resolve (MTTR)
The time it takes to respond to an online threat.
Mean Time to Contain (MTTC)
The time it takes to close an identified attack vector across all your endpoints.
Mean Time Between Failures (MTBF)
The amount of time between two failures of a system or product.
Mean Time to Acknowledge (MTTA)
The time a business takes to acknowledge an incident and begin working on resolving it.
Mean Time to Recovery (MTTR)
The time a business takes to recover after a product or system failure.
Trends in cybersecurity as we go into 2023
There was also some insightful information given on the trends in cybersecurity, which I will give an overview of below.
Malware-as-a-service (MaaS)
This refers to the illegal lease of software and hardware for carrying out cyber attacks. Owners of MaaS servers provide paid access to a botnet that distributes malware.
Bug Bounty for Ransomware
Ransomware groups issue bug bounties, which are rewards to any person who identifies an error or vulnerability in a computer program or system. In turn, this helps ransomware groups to improve the quality of their product.
Artificial Intelligence (AI)
Despite it being a buzzword on everyone’s radar for what seems like an eternity now, we are still only scratching the surface of what AI technology can do. Certainly, AI will have a deep impact on the attack surface and sophistication of cybersecurity attacks, and automation of security management will need to leverage advanced AI to keep up.
Zero Trust Access
Access to systems should be as granular as possible, with people having the bare minimum they need to perform a task or activity, and the permissions should be revoked when no longer needed.
Final thoughts
To avoid an apathetic approach towards cybersecurity all staff need to be well informed on the threats faced, and the processes that are in place to combat them. Therefore, a strong cybersecurity culture is one that sees a business put its people at the heart of its policy and process.
Our recent posts
Keep up to date with the latest news and insight from the team at Venditan
