Some IT managers feel that their organizations are fighting an uphill battle against cybercrime. A recent poll of IT professionals in the U.K. revealed that many respondents lacked confidence in their abilities to fend off attacks at a time when data volumes continue to rise and require additional monitoring.
This mindset isn’t exclusive to Britain. Private and public sector organizations around the world have struggled to adjust to an environment characterized by heightened network activity, some of which is tied to sophisticated cyberattacks. The recent holiday season alone featured several notable campaigns such as the Target retail breach, the hacking of millions of usernames and phone numbers from mobile app Snapchat and an attack on Skype.
Concern about preparedness for cyberattacks has even crept into national security discussions. Wary of threats to critical infrastructure, the U.K. and Japan have taken steps to address weaknesses in IT systems. Some defense officials in the U.S. even regard cyberwarfare as the top danger to national security.
This growing awareness of IT risks need not turn into panic, however. Organizations must devise new security strategies that encompass input not only from IT managers, but from workers in other departments as well, since cyberattacks can disrupt operations across the entire company. On the technical side, consolidating network monitoring solutions and data centers may be a key step toward streamlining IT infrastructure for the new threat environment.
RedSeal survey shows widespread concern about preparedness levels in the U.K.
RedSeal’s survey of 350 British IT professionals revealed concern about network security. Fewer than half of respondents said that they could truthfully tell their boards that operations were secure from attack, edging out the 36 percent stating that they could not do so.
However, the real problems facing these managers may be more closely tied to procurement processes and staffing than a sudden surge in cybercriminal proficiency. Nearly a third of respondents confirmed that they ignored critical vulnerabilities because of a lack of time or suitable security solutions, and 28 percent wanted access to better tools for handling the deluge of network data.
“The cybercriminal community knows that companies are overwhelmed with too much data and don’t have the resources or tools to protect their most valuable assets, so they take advantage of the weak spots,” stated RedSeal CEO Parveen Jain. “Our advice is to utilize automated solutions, so that you can hone in on the vital vulnerable data with actionable intelligence. This way IT departments can get visualization of their end-to-end network security architecture, enabling them to defend their systems against sophisticated cyber-attack.”
Communication was another common stumbling block, with 60 percent reporting that the boardroom and IT department were on different pages when discussing organizational security. Similarly, a majority of respondents had trouble using key performance indicators to demonstrate progress.
Work to be done on the attack detection and response fronts
RedSeal’s suggestion that companies use automated solutions is a first step, especially in light of the problems that IT departments are having monitoring and responding to network activity. Forty-five percent of respondents asserted that they wouldn’t even know if they were being hacked because their systems are so flooded with data that it’s impossible to pinpoint attacks.
The issue with staying on top of threats isn’t entirely technical, though; it has a lot to do with how organizations are structured to respond to cyberattacks. Speaking to Fortune, author Peter Singer argued that C-level executives should become more informed about IT risks, especially since 70 percent of business executives have made cybersecurity decisions for their companies.
Including business teams, government officials and security vendors in the conversation is critical now that cyberattacks can have widespread consequences for commerce, privacy and international relations. Japan’s rising investment in defense against cyberattacks, as well as the concern of American corporations about intellectual property theft online, illustrate the scope of the challenge.
Frameworks such as the SANS Institute’s Critical Controls could be instrumental in helping organizations improve cybersecurity practices and spread responsibilities across all departments. Many of its components are basic measures that are familiar to security professionals – such as controlling administrative privileges, securing wireless access points and keeping anti-malware solutions up to date – but are worth introducing to others so that they can contribute to security efforts. Since threats can enter organizations through channels as mundane as spam email, protecting the organization’s data is a matter of getting everyone to pitch in.
U.S. Air Force consolidates IT solutions to keep pace with risk environment
U.S. military agencies offer another blueprint for adapting to complex, data-rich threat environments. Part of the Department of Defense has sought to consolidate IT systems so as to reduce the number of entry points for cyberattacks.
The Air Force has already consolidated 120 of those entry points into just 16 gateways. It has migrated 90 percent of 275 vulnerable sites that serve more than half a million users, making it easier to keep tabs on anomalous activity and mitigate threats.
“This [move] already has improved our ability to secure the Air Force network, monitor traffic and provide defense in-depth,” stated General William Shelton, head of Air Force Space Command, according to National Defense Magazine. “We’ll be fully consolidated by the spring, and when finished, we’ll have a single enterprise network with consistent standards … one that we can defend.”
The Air Force’s efforts are part of a broader DOD initiative to create a smaller number of more secure IT sites. The Pentagon is seeking to bring more than 15,000 IT networks under one joint information environment. This JIE would eliminate some redundant systems and provide greater visibility into unauthorized insider activity.
Moreover, there are many similar examples that organizations can learn from as they modernize networks to handle increasing amounts of data and more advanced threats. Although British IT managers painted a dismal picture of preparedness, companies have a variety of options and measures to pursue in broadening awareness of risk and taking appropriate action to mitigate it.