One of the most scary statistics that crops up in the myriad of annual cyber security reports that get published these days is the time it takes for a cyber security breach to get noticed. What's more it's rarely the victim that actually discovers it for themselves. This is evidence if ever it were needed that many businesses remain blissfully unaware that their cyber security investment isn't actually delivering. It could well be a symptom of the way we now operate, mostly relying on others to do that which is not core to our business. Subscribing to a range of cloud based services is very convenient not to mention cost effective, however cyber security would seem to be something that increasingly falls outside of any one entity's responsibility !
File based threats are a perfect example of something that gets overlooked and as such hackers are primed to take advantage of the situation.
The solution ? Being able to spot 'indicators of compromise' tell tale signs that there is stuff going on inside a system that could be suspicious. In cyber terms, the equivalent of the combined talents of a store detective and a CCTV system.
The challenge is delivering solutions that provide this type of service, which are fit for the intended market, namely SMEs.
Now, personally I believe that our industry, which for the most part is driven by the demands of large enterprises and the carriers that provide the IT infrastructure upon which we all rely, is part of the problem. Why you may ask ? Because who needs 24/7 support and 99.9999 protection from zero day threats when the vast majority of attacks on SMEs see them haemorrhaging customer data for nigh on 6 months before anyone notices !
If SMEs are going to deal with the challenge that now faces them, we need to deliver pragmatic solutions that are tuned to their needs. Who needs a Ferrari when a Nissan Micra will do !
Making up 99.3% of the nation’s private sector business, small to medium-sized enterprises are impossible to ignore if you are a cyber criminal. 92% of attacks targeted SMEs with a shocking 82%per cent believing they are too small to be targeted. The Federation of Small Businesses says otherwise, estimating the cost to the UK economy to be a staggering £5.26 billion. The individual costs of these attacks are growing as well. A survey published by Digital Economy Minister Ed Vaizey found that a single attack in 2015 could cost a company as much £310,800, a substantial increase from the 2014’s high of £115,000. Many choose only to protect the perimeter, ignoring file-based threats. As these sorts of attacks make conventional security methods utterly useless, an increasing number of hackers are seeing them as their most valuable tool.