“An Introduction to Cyber Security – what you need to know, and what you need to ask…” By JONATHAN SHARROCK, CEO, Cyber Citadel.
This article, “An Introduction to Cyber Security,” was written for and published in the 2nd Edition 2021 Across Borders magazine, p. 47.
A malicious attacker will breach your IT network. It’s a statistical fact now.
But what if you could find out how an attacker will gain access and how you could prevent it? Of course, you would ask for a briefing immediately. Well, the answers are there; businesses just need to invest a little time in finding them.
Getting on top of cybersecurity doesn’t have to be daunting or expensive. The first step is always to understand the risk landscape of your company and then critically assess network security.
This starts with a Threat Risk Assessment followed by a Security Posture Review. These low-budget, high-reward procedures tell you what your risks are, and whether the resources you have at your disposal are capable of mitigating them. Security companies like Cyber Citadel can carry these out in a matter of days, and this valuable information places companies in much stronger positions to make good decisions about security changes.
The most crucial test of company security is a vulnerability assessment and penetration test (VAPT), which should be run at least once a year. It is important to realise this is a dual procedure: the two components are different and complement each other. A vulnerability assessment is a comprehensive but largely automated scan of a network to detect technical vulnerabilities, and the findings are passed on to the penetration test team. A penetration test is a human-led investigation to evaluate network security involving simulated cyber-attacks to reveal weaknesses, and it aims to provide both technical and business solutions.
When working with security providers, make sure you know what you’re paying for.
Ensuring the wellbeing of an organisation is a collective effort by all of the Senior Management Team, and taking on the challenge of cyber security should be viewed the same way. Fortifying your digital infrastructure is only part of the solution for many organisations. Educating staff on responsible data management, on how to recognise suspicious activities such as phishing emails, and on generally thinking “more securely” should be part of a company’s strategy in the 21st century.
It’s time to get on top of cyber security. It isn’t just a compliance issue. It’s about protecting your assets, safeguarding your reputation, and obtaining clients’ trust. And with the potential cost of a data breach, it will save you money in the long term, especially in the logistics sector, where business downtime is expensive.
Additionally, in logistics, a cyber-attack can now have health and safety implications. GPS hacking, for example, interferes with shipping navigation, not just interrupting supply chains but placing ships and their crews in danger. And attacks on SCADA systems controlling critical machinery could result in severe damage and employee injury.
Only a thin veil separates attacks in cyber space from the real world.
The IT (Information Technology) network is becoming interwoven with the OT – or Operational Technology – network. This process, known as IT-OT convergence, is quickening pace with the integration of Internet of Things (IoT) devices, and the remote monitoring of machines and environments.
Cyber Citadel understand that companies are driving the digitisation of processes to improve performance and output, which is great for business, but increases the vulnerability of operations to cyberattacks. By working with security providers, businesses can make sure that their operational development doesn’t cost them their network security.
Many new technologies such as IoT devices, remote access software (RAS), and third-party provided software as a service (SaaS) are creating easy entry points for cyber criminals.
Third-party software has shown itself to create dangerous vulnerabilities in recent times. The attack on cybersecurity firm FireEye in 2020 occurred via RAS provided by SolarWinds, and this year remote monitoring and management software provided by Kaseya and used by many companies worldwide was breached, which resulted in various supply chains being halted.
Outsourced software and services security can be tricky to navigate. It is important to carefully consider services provided by third parties, and how much access they have to the company network. The principle of least privilege should always be applied: give away the minimum amount of access required to facilitate the job, nothing more.
Also consider the structure and architecture of the network. Use segmentation to isolate vulnerable sections of the network, and sections accessed by third parties. In the case of a breach, it is vital to prevent lateral movement through the network and the spread of malicious software to critical infrastructure and backups of data.
Do your best to secure your most important information, but only by making backups, and backups of those backups, can you be sure your data is always recoverable and gain the best negotiating position in the case of a ransomware attack. At least one of these backups should be kept offline, disconnected from the network (on an external hard drive, for example), to ensure it can never be reached by hackers.
Backing up data might seem like an obvious and simple solution, but most attacks aren’t sophisticated: they rely on basic errors made by organisations and their employees. Weak passwords, not implementing multi-factor authentication (MFA), and not patching software are classic mistakes that lead to data breaches.
Many businesses are turning to highly sophisticated cyber solutions involving AI and Machine Learning, but the reality is that whilst these approaches can provide insight and great processing power, they don’t provide the business solutions required to improve overall infrastructure.
So, start simple, and keep mitigation approaches efficient and cost-effective. Self-assessment, both technical and general, is where to start, and this should define your cyber-policies and decision-making.
For guidance on implementing mitigations, the Australian government recommends the ‘Essential 8’, a set of improvements a company can make. Some of these are as simple as Multi-factor Authentication (MFA) or restricting privileges. The Essential 8 guidance is a great place to start.
For more information, take a look at Cyber Citadel’s resource centre including white papers on topics like the Logistics and Global Health markets as well as a host of subject-specific videos.