It is no secret that large multinationals spend a fortune on cybersecurity, often having both internal teams that work in tandem with external providers. Where does this leave smaller businesses, though, from manufacturers right down to local solicitors and accountants? After all, all businesses hold valuable data, and so they are all at risk.
Managed service providers aim to fill that gap, providing a level of reassurance to businesses.
“We work across the board, predominantly the SME sector, but also a number of high-level corporates,” Ken Tormey, chief revenue officer at Typetec, said.
The simple reality is that many smaller businesses, particularly those that are not themselves IT companies, struggle to meet the cybersecurity challenge.
“In the ‘s’-space, heading into the ‘m’, they often get on with just an internal IT guy, but the pace of change can outgrow that, and that's where we come in, bringing things like monitoring and providing constant updates,” Tormey said.
“They also may be stuck in terms of not knowing what to do,” he said.
To talk about cybersecurity in Ireland today is to talk about the attack on the Health Service Executive (HSE). The HSE attack, brazen and in the middle of a pandemic, shocked the nation, showing that any organisation can be the victim of international criminal syndicates.
The only positive to come out of it is that at least this point was made. For weeks, cybersecurity was front page news, rather than being confined to the business sections.
However, Tormey said that, as always, public attention was fleeting. “You could see the bell curve when the HSE attack happened. It got a lot of attention and it made people sit up and notice; but what I think is we’re [now] seeing it fall off the radar.”
One problem is that, despite, or perhaps because of, the penetration of IT into our daily lives, for many of us IT is just not interesting. IT security, which can be arcane, doubly so.
Tormey said that this was regrettable, as the problem wasn’t going away.
“If you talk about security, you can almost feel people dozing off, and unless you’ve been at the coalface and seen the fallout from an actual attack, the heartache and pain as a business is devastated, you can't fully understand it,” he said.
Today, there is added complexity too, as we have moved from our office-bound lives to remote working. Naturally this brings new challenges, and as we start to move back to the office on a part-time and hybrid basis, the challenge will only grow: traditional perimeter security used on-premise will have to be matched with strategies suitable for teleworkers.
“Everyone’s gone remote, they’ve gone hybrid and the uncertainty around that comes up again and again. But not doing something is not the right answer. I mean, who knows where the economy is going to be, so people are watching the pulse in terms of making investments. We've seen a level of tactical investment, but it hasn't bled over into a medium or long-term strategy,” he said.
“The bigger enterprise organisations are out ahead of it. They're bigger targets because there is a bigger reward and they know that; but there is [still] a lot to be gained by cyber criminals operating at a smaller level.”
The managed aspect is the key, Tormey said. You can go to a reseller and get some security software, but then you need someone to own it and run it.
Indeed, today attackers are well versed in what businesses do and how their operations function.
“They've done their homework [and know] most companies can't afford 24/7 monitoring in-house,” said Tormey.
Threat tactics are changing too.
“Holding data to ransom is common but, increasingly, there is the threat to publish it, which is not only a compliance nightmare, but also a problem in terms of intellectual property.
“Setting up an attack is as easy as booking a hotel room and the support that comes with it is as good as with an online retailer,” he said.
“The technology has now evolved to putting the right solutions in place, using tools like machine learning and artificial intelligence to understand if an attack is happening and taking action from a proactive stance to ensure there is isolation and quarantine."
Typetec partners with Darktrace, a global leader in AI, to have machines monitoring machines
“They will respond faster than any person, understand the network and the changes being asked for, and can intervene,” said Tormey.
The technology also allows attacks to be understood.
“It learns from other attacks around the world; an attack may happen in Australia and the pattern of attack is shared with the other nodes.”
The upshot of this is that now any size of business can afford cybersecurity.
“Putting in place that level of security operations is now coming down to a price point where the value proposition is more equitable and more cost effective,” said Tormey.
On the other hand, it would be a mistake to think only, or even predominantly, of the technology itself. Cybersecurity is a business issue, not a tech one.
“The talk is not about technology, it's always about business. It’s a business risk, it’s not just a technology risk – and it never was just one. It's a board level matter,” said Tormey.
“People don’t think twice about paying their insurance premiums. Investing in your cybersecurity should be seen in exactly the same way,” he said.