Related Articles
Organisations often turn to the phrase “we were hit by a sophisticated and determined cyberattack”, only later to discover the hacker was a teenager using free tools downloaded from the internet. Takeaway point: it’s hard to be cyber secure in 2023.
So, if it’s hard for large organisations like Royal Mail, you might imagine it would be even harder for small organisations with far fewer resources – no cybersecurity teams and no large budgets for cybersecurity tools. Historically that wasn’t the case because smaller organisations used to fly under the radar, as they were not worth hackers going for as there were bigger fish to fry.
What you don’t see as much in the news, though, is that it’s not just the big fish being targeted anymore. In fact, a 2022 report found that 82% of 2021 attacks affected organisations with fewer than 1,000 employees. Hackers are moving their sights towards the lower-hanging fruit, as many larger organisations become tougher nuts to crack. It has become a question of effort vs reward.
It’s not getting any safer either; according to Check Point Research, global cyber-attacks increased 42% in the first half of 2022 compared to the year before, with ransomware being the top threat to companies. So, either cybercriminals are growing in number, or they are managing to automate their efforts to hit a wider spectrum of targets. Either way, it costs companies millions to deal with. No matter how you slice it, cyber risks are growing. Companies of all shapes and sizes must be on high alert.
So, what can be done?
While no organisation can make itself immune from a cyberattack, the ultimate goal is to make it more difficult to attack your company than your adversary is willing to take. A bit like putting the cookie jar out of the reach of children, and one of the most fundamental ways organisations do this is by running a vulnerability management programme.
While many organisations know this and already rely on traditional vulnerability management tools, gaps can still commonly exist in the following areas:
- Asset management – making sure everything you have is getting scanned
- Lack of resources to respond to the latest threats
- Inability to deal with the volume of information
Asset Management
Asset Management is the missing link in many organisations’ vulnerability management programs. It is impossible to protect if you don’t know what you have.
The TalkTalk breach of 2015 was famously in a site they claimed they didn’t know of. Fortunately, many cloud computing platform organisations are moving to offer a ray of hope here – although they allow developers to spin services up more easily than in the past. Modern vulnerability management tools can hook into cloud accounts and ensure no assets are missing from the scanning schedule, minimising any exposure windows.
Some things are unavoidable, though. Laptops for new joiners should be routinely added to vulnerability management and patching programs before they are assigned to users. The process is important here.
Proactive Scanning
Small organisations often have either an IT Manager, CTO, or Lead Developer/DevOps Engineer whose role is much wider than cybersecurity. In these cases, they are often expected to do cybersecurity part-time and so struggle to cope with the sheer number of vulnerabilities being discovered. Last year alone, 22,000 vulnerabilities were discovered. That’s nearly two thousand each month.
For this reason, it’s not uncommon to hear that a company has bought a vulnerability management solution, even that they are running daily scans, but when asked how often the results are looked at – the room can go silent.
That’s because scan results can be too time-consuming to review if they are viewed entirely. Scanners are so good at finding things they can easily overwhelm with pages of information.
However, some modern scanning solutions provide incremental scan results and proactive scans for the latest Emerging Threats. This can save time by providing alerting whether your organisation is affected, giving you the peace of mind of being informed – but not overwhelming the viewers of the reports. This is an important gap to plug since attackers are becoming faster at weaponising the latest vulnerabilities and scanning the internet for victims.
Intelligent Prioritisation
As mentioned, scanners are great at finding many issues, but no organisation can fix everything that comes back from the scanner. As soon as the last threats are fixed, new ones emerge. It’s a never-ending battle. What’s important is that your tooling provides as much prioritisation for you as possible, so you can intelligently reduce your attack surface with the right amount of effort.
There is a wide array of options on this front, from tools that specialise in threat intelligence to those that aim to reduce your attack surface. Careful consideration of these benefits can help you choose the solution that is right for your unique digital estate, providing further peace of mind while you get on with the hundreds of other things on your to-do list.
Today’s cyber environment is more challenging than ever, and all organisations face increased risk. While it’s impossible to guard against every threat, companies can help keep themselves safer by adopting modern vulnerability management platforms, combining automated asset management with proactive scanning and intelligent prioritisation. While achieving a state of zero vulnerabilities may be a never-ending battle, it’s a fight that companies must be willing to take to avoid falling victim to today’s many cyber threats.
By Chris Wallis, CEO and Founder, Intruder.
Chris Wallis, CEO and founder of Intruder, has over a decade of experience in cybersecurity, working with the big four consulting and international finance organisations. Having previously provided counsel on the cybersecurity operations of numerous FTSE 100 companies and blue teams defending critical national infrastructure, he founded Intruder with a clear mission eight years ago. His goal was to solve the overload crisis in vulnerability management, where tools were great at finding issues but less useful at prioritising, tracking, and alerting to those problems. Currently, 2,500 businesses worldwide have entrusted the team at Intruder to protect them against ever-evolving cyber threats.
Source link
