Malware: Who’s to Blame?
Every week there’s a new security breach. The Heartbleed hacks that hit Mumsnet and Canada’s tax agency made recent headlines, as did, more recently, the eBay breach.
Hackers are evolving, yet enterprises aren’t keeping pace. NTT Group’s 2014 Global Threat Intelligence Report revealed that 43% of incidents in 2013 were the result of malware.
Businesses were missing basic anti-virus and anti-malware controls, and demonstrating ineffective vulnerability lifecycle management. Malware won’t go away, so there is an increased onus on IT to get the basics in place to protect their businesses against these threats.
The GTIR report revealed that half the vulnerabilities detected had patches available (some for 2+ years), yet they hadn’t been installed. Anti-virus failed to detect 54% of new malware. The cost of unmanaged risk is increasing. The report suggests that prioritising controls and putting risk in context could have saved one company over $100K.
It's time to get the basics right and save your business reputation and money
Organisations aren’t embracing the basic controls required for a solid and secure foundation even though considerable money could be saved through their implementation. More sophisticated threats require advanced controls to keep pace.
Basic measures will reduce a firm’s exploitable footprint and increase their security threat responsiveness.
As a minimum, organisations need to:
1. Assess priority risks first
2. Validate and implement appropriate controls
3. Ensure controls have been implemented
4. Test regularly for effectiveness (including ensuring critical patches are in place)
One important basic measure is vulnerability scanning. Intelligence of this kind is invaluable, offering insight into how attackers could use vulnerabilities to gain access to the organisation’s data assets.
IT departments should also analyse logs to identify statistics and trends over time to predict future risks.
Have you considered incident response planning? 77% of those surveyed had no incident response plan even though it’s critical in minimising the immediate and future impact of a breach.
A current, well-defined and well-articulated plan will better prepare organisations to handle incidents effectively and consistently.
Working with a trusted provider to implement these basic measures offers benefits:
- Augmenting the in-house skill set.
- Enabling the organisation to focus on its business.
- Providing objective information so that management can understand, prioritise, decide on and manage risks.
Support the basics with process and operation
Performing regular operations, testing controls and contextualising risk will reduce risk and improve decision-making. Organisational security must evolve, so businesses are collaborating with Managed Security Services (MSS) partners for active threat management.
APT (Advanced Persistent Threat) simulation is another approach recommended to businesses.
Governance, Risk and Compliance (GRC) is imperative in an organisation’s continuous risk management approach.
Organisations that implement PCI DSS scanning (a recommendation by the PCI Security Council) have a smaller vulnerability footprint and can remediate nearly three times faster than those that don’t.
Stop the blame game
With hackers and attackers increasingly on the offensive, businesses need to strengthen their defences. Ensuring that the basics of threat avoidance, threat detection and incident response are all in place puts risk in context and helps to mitigate and avoid high-profile security and data breaches.