Cyber Security: Preparing for attack in a shape-shifting world

Businesses are waking up to the fact that cyberattacks are inevitable and they are now taking measures to combat them

Martyn Brownlie, channel director for Sophos UK and Ireland

Attacks are part and parcel of the digital world now. No matter what kind of business you are, you have to accept that an attack will happen at some point, and what you can control is how prepared you are for it.

Getting companies to be more aware of security used to be a difficult task, but if there is one thing attacks such as WannaCry did, it was to create greater awareness of the issue, said Martyn Brownlie, channel director for Sophos UK and Ireland.

“They’re much more aware of it and even on a personal level, many people have cybersecurity issues,” he said.

“Be it being a victim of some kind of attack or they spotted phishing attacks when they were in work, people are more aware.

“Certainly, GDPR raised awareness of it. I think there’s another level of it to come because we haven’t seen the fines and don’t forget the legal action that is now possible.”

Years ago, it would have been difficult to convince businesses to listen to security experts and take the matter seriously. Now the conversations aren’t just smoother, they’re happening regularly. Brownlie, who has more than 20 years of experience in the field, knows better than most.

“It used to be a real struggle to get people to listen to you, but I think businesses of all sizes are now more aware,” he said. “Also, there are government institutions that are helping raise awareness . . . [and] press. In general, people are paying more attention to it now, it’s not as difficult a sell as it used to be.”

It’s a view shared by the company’s Ireland enterprise lead, Brian Murray, who says there’s more recognition from businesses that they face risk and need to take measures to combat it. Keeping it as simple as possible is the general philosophy Sophos follows when addressing security concerns with clients.

“Software made simple is really what Sophos built on, and for organisations which don’t have a dedicated security team, using our tools makes it possible for them to do those tasks that they wouldn’t otherwise be capable of doing,” Murray said.

“Sophos Central gives that visibility and even for people who are technical, it gives a great overview of your network environment and where your risks lie.

“Having [it] is almost like having an official member of the team brought in for that special security expertise, and Sophos being as user-friendly as it is, that’s really making a difference to businesses.”

Getting to grips with the challenges modern businesses face can be daunting at the best of times with so many components. The cloud itself is one that companies can end up overlooking, throwing files and data onto it without taking into consideration the responsibilities that doing so entails.

Brownlie mentions that people end up taking risks on the cloud that they would never take with on-premises infrastructure, something with which Murray agrees.

“The cloud is the new frontier and we’re still getting to grips with it,” said Murray. “Because there’s a high turnover of staff for certain organisations, even things like servers that are being spun up on an availability basis are never torn down, they can be up for a couple of years.

“Even the cost of that, the cloud bill on a monthly basis, Cloud Optix also addresses where it can really cut the cost of being in the cloud.”

Yet the real challenge is that nobody can be an expert in security. The industry covers so many areas and types of attacks that no one person could possibly expect to cover it, let alone keep up to date with the changes in it.

Brownlie says it’s such a broad area that the best security personnel can do is become an expert in one area of security, instead of trying to be a jack of all trades.

“It’s such a broad surface that you can’t be an expert in everything,” he said. “If you’re a small business, you could probably just about afford an IT guy.

“Lots of small businesses don’t want an IT guy . . . they just want the advantages of what IT brings, they don’t want to necessarily own and manage the infrastructure.

“That’s where managed service providers (MSPs) come into their own because they offer you all the benefits of information technology without the disadvantages of having to keep up with it, hence the massive growth in the industry.

“You got information as a service, platform as a service, security as a service, software as a service. You can consume so much IT now, but also have somebody there to help you make sense of it, so it does the best for your business as it possibly can. It’s no surprise that the MSP model is widely adopted.”

That type of model can be helpful when you think about how even the most basic of attacks continue to improve. The concept of phishing attacks has been around for as long as we’ve been using devices, yet the methods used are more sophisticated than before. For those who are time-poor or stressed out, it can be easy to end up believing that a false email is real because it shares similarities with a real email.

Sophos has a service called Phish Threat to help educate and inform users about what a phishing attack might look like, so such awareness becomes second nature.

“One of the things you can do is if you’re using email security solutions, we can stop people who are being targeted by phishing,” said Brownlie. “We’re stripping out these threats as we go, but if we see there are particular individuals, whatever level of the organisation they are in [we can help them].

“What we can do is automatically trigger a Phish Threat test so you can see the people who are vulnerable and say you’re being targeted, and we’re going to put you through a test just so you’re more aware.”

No matter what happens, it’s up to the individual to stay alert to these attacks and take the necessary actions to protect themselves. The more aware they are, the less likely they are to be breached.