Unfortunately there isn't a single solution that addresses all cyber security issues across every organisation in every industry.
However, there are mistakes commonly seen across client environments that put an organisation at additional risk to the growing threat landscape. From investing in best in breed technology vs. thinking about the processes and people and operationalising technology around what provides most value or having the misperception that parts of an organisation aren't appealing as a target, the wrong investment or misconception can be the difference in avoiding disaster.
In this video Hadi Hosn, SecureWorks Head of Security Strategy and GRC Consulting in EMEA, gives an overview of the top 5 common cyber security mistakes seen in client engagements and how your organisations can avoid these common missteps.
The top 5 mistakes we usually see clients make, I will start with number one and that is clients believe investing in technology will solve all their security problems. They will go out they will buy the best in breed technology solution assuming that all they need is to implement that and their security problems are sorted. Really clients need to think about the process the people and operationalising that technology in order to identify the value that they can give their business and improve their security maturity.
Another mistake would be around investments in antivirus. We believe, and this is a technical mistake that we see, antivirus as a technology does not help mitigate the more advanced threats. Antivirus is a signature-based technology and if they haven't seen the threat before, then the antivirus solution does not function in a way that identifies those threats.
A lot of the malicious activity we see nowadays are not malware based they work though phishing; they might be able to identify some privileges and move across the network to try to get to a position where somebody can steal data. Antivirus does not help you address this. We see organisations investing more in the advanced end point detection solution, which is more behavior analysis. And that's where a lot of the investment in end points are going.
And the mistake is that focusing only on antivirus is the right approach. So we address antivirus, we address the fact that organisations just invest in technology, another mistake that we see is that organisations don't always identify their key information assets to focus their security protection. The organisation tries to implement security as a whole, which doesn't usually work. Try to prioritise your investment on the areas that matter, based on what information you have in those areas, is absolutely critical.
Another mistake that we see clients make is thinking they, as an organisation is not a security target. They don't believe they're going to be breached, they don't think that attackers will target them, but in our view all organisations in any industry is a target. If you're in business and you have customers that have something of value that believe you have something of value then you will be a target to attackers. It could be your website going down, therefor you can't communication with your customers, it could be payroll not being paid therefore resulting in your business operations being disrupted. Organisations nowadays need to focus on the detection and response because everybody is a target and that's clear across the industry.
Another mistake, and probably the fifth that I see is really that security is just seen as an IT issue. IT is thought of as the team that's going to drive security across the business. Now it's true, IT can have a big part to play, but the organisation and the business needs to understand their role in security. They own the data and therefore they need to be the ones driving security across their business owning those security controls that get implemented across their data. In or view initiatives like security training and awareness, getting them fully aware of what the risks are to their data helps minimise that mistake.