As the Internet of Things, Big Data, and Cloud computing all become commonly heard phrases within Field Service we must start to consider the very real question of cyber-security with ever greater attention. But what does Cyber security look like in 2015?
One of the significant themes that came through from the victims of high profile cyber attacks in the last year was that they all had heavy investment in IT security, regular testing programmes and almost certainly long lists of accreditations. However, event his was not enough to keep them safe from groups of attackers and the resultant losses and associated fines for such detected breaches.
This year the cyber security landscape will once again continue to develop swiftly as attacks likely become even more frequent and sophisticated and from more corners of the world than ever before. The one thing that will remain the same however is that investing in the wrong defences will again result in an openness to cyber attack and the potential of real damage.
Cyber threat actors are commonly split into three groups: nation states, cyber criminals and cyber activists or hacktivists. As 2015 evolves these threat factors look set to continue to advance their capabilities.
Often nation states – who see cyber attacks as being a cheap, effective and most importantly plausibly deniable espionage tool – can be the dark hand behind theft of proprietary or sensitive data for the benefit of one of their home-grown enterprises.
Cyber criminals, motivated by financial gain, have traditionally targeted a company’s customer base, stealing personal details or credit card information to use in fraud or to sell.
Cyber activists, motivated by a range of factors – including most simply personal amusement, but also factors such as, anti-capitalist sentiment, environmental concerns, religion and nationalism – base their activities on disrupting operations or generating embarrassment.
An ever-changing landscape
It is also predicted that many global political developments will also have their impact on shaping the cyber threat environment across 2015 and beyond.
Countries that not too long ago would have been clumsy and naive when it comes to their cyber capabilities have now established sophisticated capabilities by nurturing their local home-grown hacktivist groups.
Meanwhile new hubs of cyber criminal activity will emerge and will set their focus on new targets. Driven by the disparity between the rich nations and the poor on an international level, plus the growing access of IT and as such rapidly developing IT skills of members of the latter.
All of this is also become easier and being better facilitated by new ways of communicating, such as cyber criminals' and activists' use of the Dark Web to buy and sell hacking tools and techniques, using anonymous currency such as Bitcoin.
Another trend that we will likely see continue on from 2014 is the gradual blurring of the lines of the roles and loyalties of these threat actors. Last year we shad the emergence of criminals acting with a degree of impunity contingent on targeting politically expedient victims, or hacktivist groups becoming involved in attacks in support of government agenda.
As sophisticated tools and techniques become more widespread, and the distinctions between the threat actors become more blurred, the long-term outlook for cyber threats is concerning. The constraining factor previously was that the people with the intent to conduct widespread and high-impact cyber attacks – the activists and the criminals – did not have the capability. This may not remain the case for much longer.
How best to defend your organisation
Very simply throwing more money at the problem is no longer a viable solution.
With finite resources, it is just simply impossible to protect every asset against every possible threat.
The key is to understand which threat actors are likely to be targeting your organisation, what are your key assets and how do you protect those.
Modern Cyber defence needs to be intelligence-led, risk-based and prioritised – it is no longer just a compliance exercise.
There are five mistakes that organisations cannot afford to make during 2015:
- Taking a broad sweep approach: You cannot fail to build your cyber defences around a granular understanding of threat. In 2015 all cyber-defence programs should be intelligence led. This includes collecting operational and strategic information that helps you understand the specific nature of the threat. It may also be necessary across your supply chain, as vulnerabilities in subcontractors or suppliers often affect a larger organisation (or vice-versa) – attackers will always focus on the weakest link.
- Spending too much time, effort and money on prevention and not enough on detection. Companies need to just accept that breaches will be inevitable in todays world and spend time developing and testing response plans, moving form different types of attacks to highlight which plans are most important.
- Treating cyber security as an IT issue rather than a business risk. Many organisations accept that cyber security is a business risk, rather than an IT-specific issue – but not many act on this by integrating cyber security risk management with wider business risk management processes.
- Not identifying and protecting your most important assets. Companies need to focus their budgets on prioritising protection. Many tend to be excessively targeted on delivering company-wide compliance, yet don’t effectively protect their key assets.
- Final many companies simply do not have the technical defences to deal with sophisticated and persistent threats. Across 2015, an increasingly broad group of highly capable actors will target critical assets across a wide range of organisations.