Tackling cybercrime: three recommendations for 2018
By Dean Thomson, Cyber Security Specialist, O2
In 2017 we saw ransomware variants such as Wannacry wreak havoc across computer networks in the UK. Not only were these variants of malware almost impossible to remove from computers without causing data loss but they caused real damage – we saw awful scenes when hospitals and doctors’ surgeries had to close their doors as a result. We know in 2016 the UK cost of cybercrime was estimated at around £29 billion and in 2017 we saw a 22% growth on that figure. It’s clear the problem is not going away anytime soon.
A more worrying statistic is that due to weak cyber security practices the average time to identify a breach has been around 200 days. The length of time businesses then chose to report about the event was much much longer. Sometimes not at all.
With GDPR ‘live’ on 25 May 2018, the EU Parliament makes it very clear this lax approach to data security has to change. After this date, breaches of personal data are required to be reported within 72 hours or UK businesses can face fines of up to 4% of their revenues. Yes not profit, revenues. Some breaches will also have to be publicly reported so no more cover ups.
What I think we can say, is that in 2017 hackers made a lot of easy money and caused huge disruption as a result of UK business missing the basics when it comes to securing data. Most of the breaches I read about in the press could have been easily prevented by taking a more proactive approach to cyber security and following the government’s guidelines. This brings me on to a prediction for 2018: I believe ransomware will continue to evolve as it does but as a by-product of GDPR I believe we could see a change in how hackers now extort money from our organisations. There is an awful lot of confusion about GDPR and hackers will likely exploit this to threaten brand damage and network disruption.
We can almost guarantee the smart hackers are harvesting terabytes of information from UK businesses in preparation for the huge ransom demands they are going to make after GDPR kicks in as I write this blog. In every corner of the dark web such information is already for sale and can be traded for in Bitcoin or whatever traditional currency you like. Would you be ready to respond if they are telling you they have your data?
So what can we do to best prepare for 2018’s cyber onslaught? Here are my top three recommendations.
User Behavioural Analytics
As well as monitoring networked devices or security events, UBA uses big data platforms and machine learning to analyse users’ activity and automate the detection of insider threats. Combine UBA with a well-managed SIEM (security information and event management) and you’ll certainly be on the right foot if the hackers or the regulators come calling.
Next Generation Endpoint Security
Around 70% of UK business are still reliant on signature based detection to prevent malware or ransomware. It’s time to deploy next generation endpoint protection that uses behavioural analysis to detect and stop malicious activity. This technology will also go a long way in helping to protect against chip based exploits such as Meltdown and Spectre that we saw this month.
Outsource Security Management
Don’t waste money on trying to build and tool your own Security Operations Centre, instead outsource the problem to the experts. The costs for managed security services have come down considerably in the last year and it is far more secure to use a SOC that can see threats that are not just targeting your own business. There’s strength in numbers. We’re here to help if you need us.
Want to find out more about how your organisation and O2 can work together? We have a range of dynamic security solutions that can help with the above recommendations. Get in touch.