How can businesses best protect themselves against hackers and viruses?

We regularly see well-known businesses and household names under attack from viruses and hackers. What can businesses do to best protect themselves against these attacks before it is too late?

© Perspecsys Photos (CC BY SA 2.0) Cropped


Back up your systems in multiple places

Gavin Davey, associate in IT assurance in the Insurance Industry Group at accountancy firm Moore Stephens, says that having three back-ups, at least one of them in a remote location, can help to keep services running when they are attacked.

“Denial of service attacks have grown by 30 per cent in the past year, and last much longer, taking up much more bandwidth,” he said.

Analysing and collecting data

Garry Sidaway, global director of security strategy at NTT Com Security, says that one of the most useful things an organisation can do is to look at the data it is collecting every day.

“Logs can be found in event sources like Windows and Adobe software, throughout the company’s IT environment, which are then stored for use in investigations and logs,” he said. “Routinely checking logs gives firms the ability to access greater threat intelligence to learn from as well as identify statistics and trends over a period of time to predict future risks.”

This may involve the use of a monitoring system to keep an eye on data from multiple sources, or even a dedicated member of staff in the IT team.

“Organisations need constant visibility of all network activity,” said Ross Brewer, vice president and managing director for international markets at LogRhythm. “This requires the use of centralised, automated protective monitoring systems, capable of processing data from multiple sources across networks, including systems events, applications or databases.”

Vulnerability scanning and risk assessment

“Organisations must start with an understanding of what they are trying to protect and work out the risks,” said Rory Innes, head of cybersecurity at operational risk business Salamanca Group. “Good security focuses on who the attackers are likely to be, and what kind of approaches they will take.”

He recommends that networks be tested regularly against different types of attack to try and spot vulnerabilities early.

Early detection and prevention

Mr Davey also advocated monitoring and detection software to aid with tracking potential problems in digital technologies.

“All businesses should have network detection software – the quicker you know, the quicker you can deal with it,” he said.

Rein in your ‘privileged’ users

In addition to security risks from outside the organisation, businesses also need to be aware of the problems that can be caused from within.

Privileged users such as network administrators and database users with access to accounts mean there will always be a risk of data breaches from the employees themselves.

“Edward Snowden was a privileged user,” said Sol Cates, chief security officer at data security company Vormetric. “He didn’t have to do anything extravagant. Simply as a result of his access policies for data at his employer, he was given unfettered access to systems and the data available to them.”

By keeping an eye on these users and the amount of information they have access to, safety and security risks can be minimised.

Incident response planning

“Prepare for the worst, hope for the best,” said Ben Densham, chief technology officer at Nettitude. “Have an incident response plan in place in advance so that a procedure and timeline of actions is ready to be initiated. This ranges from analysing what happened, recovering lost data, preparing detailed forensic information and logs to see what has been accessed and for how long.”

Such plans are vital in case of an attack. In Evernote’s recent attack, it was able to use its incident response plans and analyse the data it had to pinpoint the exact moment it was attacked.

And if a breach of security occurs, be honest and upfront with your customers

“Feedly and Evernote are doing things right,” said Trey Ford, global strategist at IT security data solutions firm Rapid7. “Companies should take note of the positive user responses to their honest and upfront communications regarding their breaches. To deny service is irritating to customers, and can occasionally affect income.”
