At Bondgate IT, our focus extends beyond delivering top-notch IT solutions. We are committed to fostering a sense of community, promoting knowledge sharing, and assisting businesses to stay one step ahead in the ever-evolving digital world. On June 7th, we hosted an event at Flok Co-Working Space in Middlesbrough, delving into the importance of a multi-layered approach to cybersecurity, also known as “defense in depth”.
Garry Brown, Managing Director of Bondgate IT, kicked off the event by presenting the five laws of cyber-security:
What are the five laws of Cyber-Security?
- If there’s a vulnerability, it will be exploited
- Everything is potentially vulnerable
- Humans can sometimes trust when they shouldn’t
- Innovation brings along opportunities for exploitation
- When in doubt, always refer back to Law 1
If there’s a vulnerability, it will be exploited
Cybercriminals are always on the lookout for weak points, whether in software, hardware, or human behaviour. If they find a loophole, they will take advantage of it.
Everything is potentially vulnerable
No system is entirely foolproof. Given enough time and resources, every digital fortress has a chink in its armour that could be exploited, so the question is not whether a weakness exists but how quickly it is found and by whom.
Humans can sometimes trust when they shouldn’t
Social engineering exploits are based on this law. Scammers often masquerade as trustworthy entities to trick unsuspecting individuals into revealing sensitive information or making unauthorised transactions.
Innovation brings along opportunities for exploitation
Every new technological development brings with it new potential vulnerabilities. As we advance, so do the techniques and strategies employed by cybercriminals.
When in doubt, always refer back to Law 1
When faced with uncertainty, it’s crucial to remember that any perceived weakness or vulnerability is a potential target for exploitation. Stay vigilant and always keep your guard up.
What are the team at Bondgate IT seeing?
We are in an exciting time of technological advancement, with the rise of AI, ChatGPT and the like. This brings further opportunities for exploitation. A recent article from TechRadar highlighted a concerning development in the world of cybersecurity: hackers have started to use AI language models, such as OpenAI’s ChatGPT, to help write malicious software. These models produce fluent, human-like text, which attackers are now using to create more convincing phishing emails and to draft malicious scripts. This is a stark reminder of the dual nature of technology. While AI provides numerous benefits and conveniences, it can also be turned to malicious purposes in the wrong hands. It underscores the ever-evolving nature of cyber threats and the need for continuous vigilance and adaptation in our cybersecurity strategies.
The pace of technological change means that partnerships are required to successfully deal with these challenges.
Cyberthreats are now too advanced for any organisation to deal with alone
Garry Brown – Managing Director, Bondgate IT
Cybersecurity – A Multi-Layered Approach
Garry closed out his opening speech by discussing the importance of a multi-layered approach to cybersecurity, also known as defense in depth.
This approach, originally a military strategy, involves multiple independent layers of defense designed to slow down an attack and give defenders time to respond. If one layer is breached, others are in place to prevent further intrusion. In the context of cybersecurity, defense in depth can include physical security, network security, application security, and end user education.
Each layer provides a barrier against potential threats, making it harder for cybercriminals to breach a system. Garry emphasised that no single layer offers complete protection. Instead, a multi-layered approach, where each layer is continuously updated and monitored, is key to a robust cybersecurity strategy.
Understanding the Impact of a Cyber Attack on Your Business
Andre Lynch, cyber security expert at ConnectWise, then took to the stage to discuss the consequences of a cyber-attack for businesses, and how they extend far beyond the immediate disruption. One of the key factors is ‘dwell time’: the period an attacker has undetected access to your network before they are discovered and removed. During this time, threat actors can work out how much you can afford to pay and devise strategies to extract that payment. Andre noted that they typically target up to 10% of your revenue for the ransom demand.
However, the full cost of a cyber-attack goes well beyond the ransom. By Andre’s figures, the ransom accounts for only around 20% of the overall financial impact. The real damage comes from the downtime, loss of business, and recovery effort, which lasts an average of 21 days.
Moreover, the impact isn’t limited to your organisation. Your customers could also bear the brunt if their data is compromised or if they’re unable to access crucial services you provide. Increasingly, threat actors take advantage of this by contacting and extorting your customers directly when the primary victim refuses to pay. In such scenarios, hefty fines are also a strong likelihood.
There are ways to mitigate these impacts. A recent study by IBM and the Ponemon Institute showed that organisations with advanced cyber services in place still experienced cyber attacks, but the financial impact was reduced by 80%. This reduction came primarily from shorter downtime and a smaller blast radius, achieved by detecting and containing the intrusion earlier, which is exactly what reducing dwell time means in practice.
Adopting a Proactive Stance: Reducing Cybersecurity Risks in Your Business
As the digital landscape continually evolves, so does the nature of cyber threats. Many businesses often ask, “How can we effectively combat these risks?” The answer lies not in completely eliminating the risk – an almost impossible task – but in diligently working to reduce it. Acknowledging the existence of cyber risk is the first step towards creating a safer digital environment for your business.
Understanding Your Company’s Security Posture
“What should we focus on to enhance our cybersecurity?” is a common question we receive from businesses. Our answer is always: start with your company’s overall security posture. Understanding where you stand today makes it clear why particular security measures are suggested and lets you judge whether they are the right fit for your business. Cybersecurity isn’t a one-size-fits-all solution; it should be tailored to your specific needs and risk profile.
Following a Robust Cybersecurity Framework
Businesses often ask, “What’s the minimum we should be doing to secure our digital assets?” At the very least, every business should follow a proven cybersecurity framework. Good examples are the UK government’s Cyber Essentials scheme and the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework, which is organised around five key functions: Identify, Protect, Detect, Respond, and Recover. (Version 2.0 of the NIST framework, published in 2024, adds a sixth function, Govern, covering the strategy, policy and oversight that sit above the five below.)
- Identify: Understand the cybersecurity risks to your systems, assets, data, and capabilities. This forms the foundation of your cybersecurity strategy.
- Protect: Implement safeguards to ensure delivery of critical services and to limit or contain the impact of a potential cybersecurity event.
- Detect: Develop and implement appropriate activities to identify the occurrence of a cybersecurity event promptly.
- Respond: Have a plan in place to take action on a detected cybersecurity event. The goal is to contain the impact before it spreads.
- Recover: Develop and implement activities to restore any capabilities or services that were impaired due to a cybersecurity event.
Adhering to these functions while aligning with compliance, insurance, and regulatory obligations can significantly reduce your cyber risk exposure. Remember, the goal is not just to defend against threats, but to build a resilient organisation that can swiftly and effectively respond and recover from any cyber-attack.
Conclusion: Enhancing Cybersecurity with A Multi-Layered Approach
In conclusion, managing cybersecurity risks in today’s ever-evolving digital landscape requires a proactive and comprehensive approach. By acknowledging the existence of cyber threats, understanding your company’s security posture, and implementing a robust framework such as the NIST Cybersecurity Framework, you’re laying a strong foundation for defending your business against potential cyber-attacks. It’s all about reducing risk, enhancing resilience, and ensuring quick recovery should a breach occur.
We would like to express our sincere gratitude to Garry Brown and Andre Lynch for their insightful contributions to this vital discussion. Their expertise has undoubtedly helped shed light on the critical aspects of cybersecurity and how businesses can navigate this complex terrain.
We’re also thankful to all the attendees for their active participation and keen interest in enhancing their understanding of cybersecurity. The valuable insights and experiences shared during the event have enriched our collective knowledge.
Lastly, a big thank you to Flok Co-Working Space for providing the perfect venue for this important event. Their hospitality and support made the event an enormous success.
In the face of evolving cyber threats, let’s continue to prioritise cybersecurity, adopt a multi-layered defensive approach, and work towards creating a safer digital world for our businesses.