We all know what a car is. Chances are, if you are reading this, then you drive a car. We all should therefore know what an engine temperate gauge is. Of course we do. It is an early warning system.
I have had a car engine overheat twice in in the past 30 years. The first time when I was a student, on the way to Sun City, and it resulted in the engine having to be overhauled – it was not a cheap exercise. Luckily, I won at the black jack table, and managed to pay for the engine to be repaired with my winnings. The second time I had an engine getting hot was a few years ago, and I pulled over, called for a tow truck, and skipped a big headache.
If your engine is overheating then is it too late? Depends … if you are alerted when the gauge starts to rise, then you can save the engine. But if you never know then it will probably end with the engine seizing. These days, modern cars will have warning lights that come on when the engine overheats. With my first car, we saw smoke coming out of the engine – we never noticed the needle starting to rise, and there were no warning lights back then.
If your car engine is getting hot you want to know about it. The last thing you want is for the thing to seize or explode. And likewise, if your computer network is heating up, you want to know about it. An early warning can save you from a disaster – know before it is too late.
In short: when the heat is on, be in the know. Don’t overheat or you may never recover.
A car is something we all are familiar with. A computer network not as much. Sure, we all know that the ultimate computer network, the Internet, is the infrastructure that allows you to read this article, catch an Uber, check into a flight, communicate with people around the globe, etc. But most folk don’t know how any of this works, and shouldn’t have to.
The IT folk that are maintaining and building this infrastructure should know, but when it comes to cyber security, it is often overwhelming to try understand where all the different products and services fit in. That is my experience dealing with corporates these past 2 years here in SA, and in other countries on the continent. We have a serious skills shortage.
Everyone knows that a firewall is fundamental, but what if wrong-doers bypass the firewall (it happens constantly) because of phishing attacks, illegal modems, un-checked USB drives, and the most simplest and cheekiest, a criminal just strolling into your office campus, charming their way past the front desk, walking into a meeting room, ordering coffee noggal, and then finding a LAN point and plugging in their laptop.
We need early warning systems. Notification devices that tell us if something is not right. Protection is one thing, but detection could save your ass.
The recent breach scenario at Liberty Life is not something you want happening to you. So, be proactive and deploy early warning systems. Lay down network traps. Honeypots can go a long way to making sure your engine never seizes.
Click here to learn more about a honeypot : https://vimeo.com/237585905
The risk of cyber attacks is growing constantly and this is something corporations around the world are coming to grips with. One major challenge is that most organizations do not have the ability to quantify this risk.
This is one of the reasons that so many companies have a blinkered approach of “nothing has happened, everything is running, so we are okay”.”
It has been said that there are three types of organisations out there:
- Those that have already been breached and don’t know about it (my research suggest that these are in the majority).
- Those that have been breached and have some idea of the scope and consequences and will be counting the costs for years to come.
- Those that will be breached.
All companies are challenged by the following :
Having an accurate view on their security posture on an on-going basis. This includes a view on their compliance requirements (ISO, PCi, POPIA etc.) and how their people, process and technology decisions are enabling them to meet their compliance, legislative commitments, etc.
The lack of specialist skills to ensure they extract full value from their technology investments and also that these technology investments are doing what they should to assist in adherence to compliance requirements.
There are never enough truly specialised skills available, so one or two generalists land up having to do everything – this is quite commonplace and it is fertile ground for the bad guys.
We are human and cannot function 24x7x365 – the bad guys on the other hand never seem to stop.
We cannot digest and interpret the huge volumes of information from multiple sources to detect the “blip in the radar” that indicates something is afoot.
Extracting actionable security insights from all the content flowing across the network, in time to make decisions that will stop incidents or at least limit the impact.
- Agility (Responsiveness)
The ability to detect cyber security incidents (incidents of attack and incidents of compromise) and the people and process to implement possible decisions made as a result of contextual insights.
Hacking exploits and exposés continue to dominate media headlines – and for good reason. In 2017 alone, according to McAfee and CSIR’s joint report ‘The Economic Impact of Cyber Crime – No Sign of Slowing Down’, cybercrime cost the global economy over US$600bn – of which approximately US$3bn was concentrated in sub-Saharan Africa. Alarmingly, recent estimates by Forbes indicate that cybercrime will cost US$6 Trillion per year by 2022 – an almost unimaginable number to most of us.
Whether state sponsored cyber terrorism, organised crime 2.0 or hacktivism, cybercrime makes a lot of sense to growing numbers of people. Just one of the reasons can be ascribed to current unemployment figures. Following depressed global economic conditions in recent years, attention has turned to other means of making a living and the rise of a new, unvirtuous cycle.
Cybercrime has become a viable ‘career path’ for a number of reasons, not least of which, is the perception that it’s a ‘victimless crime’, particularity in the corporate world. It’s also hard to trace and prove, and harder to prosecute. Legislation hasn’t kept pace with the evolving criminal landscape – some inroads have been made, but there is still a long way to go.
Connected and dangerous
Now consider just how low the barriers of entry are. It couldn’t be easier to access connectivity, purchase an exploit kit or two, read some forums, watch a few videos and away they go – the next cyber-criminal is on their way to graduating.
In fact, online crime is fast becoming industrialised through the efforts of criminal, multinational organisations on the dark net. One-stop shops are being developed and run like businesses with all the tools and services needed to commit cybercrime. Exploit kits, custom malware, botnet rentals and ransomware distribution provide a diverse toolkit for as little as US$100.
This is the new, sophisticated generation of organised crime. The motivations may vary between creating a new income stream to the thrill of the chase and everything in-between – hidden behind relative anonymity on the dark net.
Cybercrime as a Service isn’t a new concept, but is rapidly evolving to include everything a criminal could need including product development, technical support from help desks and even money-back guarantees.
Sophisticated crimes against the unsuspecting and underprepared
The ‘regular’ threats we see including those like ransomware holding data or devices hostage, or breaches threatening to expose sensitive data like medical records, banking details or personal particulars are fairly well known.
But there are emerging technologies that open an entirely new threat landscape. For instance, Blockchain technology is a robust, disruptive technology that is predicted by Gartner to increase business value-add to US$176bn by 2025. The newness of the technology presents cyber-attackers with opportunities for exploitation.
Alongside technological advancement will be the development of their cyber-criminal counterpart’s sophistication. For example, now viruses are smart and malware is equipped with artificial intelligence capability that self-adjusts until it finds vulnerabilities, is more energy-efficient and more effective than any human hacker, and also more economically attractive.
With this in mind, it is surprising that many organisations are underprepared or unaware of threats which in turn impedes their ability to identify attacks and defend themselves. Startlingly, NTT Security’s ‘2017 Global Threat Intelligence Report’ revealed that nearly 47% of vulnerabilities are more than three years old and only a third of companies had a formal incident response plan in place.
In summary, crime isn’t just for your neighbourhood hoodlum. It has evolved to open an entire digital threat landscape. So no matter your business size, maturity or perceived degree of cyber risk, it’s a business imperative to implement risk management and cyber resilience protection and defence strategies.