For Menny Barzilay, co-founder and CEO of cybersecurity firm FortyTwo Global, the problem stems from human error. “I have a lot of people come to me and say: ‘I’m not afraid. Nobody will hack me. No one cares about me. No one knows me. Why would anyone hack me?’ And this is not true. It’s very important to understand that everyone has personal information that can be monetised by crime.”
‘If a business has the ability to react to a breach within 24-48 hours, that’s often enough to prevent any kind of damage.’According to the government’s 2018 Cybersecurity Breaches Survey, the average cyber-attack costs medium-sized businesses an average of over £16,000 per year. Scams range from identity theft to authorised push payment fraud, and those are just the common ones. So how can businesses protect their data when it seems like we’re fighting a losing battle.
“It’s a very interesting technique, because if you’re a hacker and you don’t know the network, you find a database that is vulnerable with a great deal of seemingly sensitive information,” says Barzilay. “What they don’t realise is that from the moment they enter the database, everything is recorded.”
“But it often takes hackers a few days or weeks to find the most valuable financial or personal data held on a network. Then, if a business has the ability to react to a breach within 24-48 hours, that’s often enough to prevent any kind of damage.”
Deception systems are an important tool. But you should only implement deception systems after you have taken care of the key controls such as Firewalls, Patch management, Siem systems, Permission management, Network segmentation.
Dwell time is the duration a hacker has undetected access to a network before they are removed. Deception is particularly good at reducing dwell time as it allows businesses time to detect potential hackers.
According to the Cyber Evolution: En Route to Strengthening Resilience in Asia, the average dwell time in Europe, the Middle East and Africa is approximately 106 days.
“These systems analyse your data, will enact some forensic automation and then give a human operator the end result,” says Barzilay. “It means you can ignore those 50,000 alerts from your anti-virus. This technology, for example Security, Orchestration, Automation and Response (SOAR), will highlight anything it flags as interesting and alert the end-user".
SOAR is becoming so popular that research and technology company Gartner predicts by the end of 2020 around 15% of businesses with a security team of more than five people will use SOAR.
‘It’s very important to understand that everyone has personal information that can be monetised by crime.’
Menny Barzilay, co-founder and CEO of Cyber security firm FortyTwo Global
The artificial hacker
“Instead of hiring a company that do penetration testing once or twice a year, the virtual hacker will do it 2000 times a year,” says Barzilay. “Those systems are not as sophisticated as real hackers, but they will become more and more sophisticated over time and will seriously help you identify potential threats.”
An experienced penetration tester can mimic the tools and techniques employed by criminals and leave a device unharmed.
The key thing to remember about cybersecurity is that it’s up to you to ensure your devices are secure. Many of these issues can be solved by traditional cybersecurity advice, with some being explored above. By ensuring you have a few systems in place you are closer to protecting your business' sensitve data and saving yourself time and money.