Cyber Threat Intelligence
In the rapidly evolving world of digital transformation and instant global connection, protecting assets across this cyber infrastructure is an equally huge issue.
The threat manifests itself via security weaknesses within connected devices (IoT), systems and human interactions.
This has been brought to the public's attention through recent headline media reports.
Everyone is potentially affected: world economies, governments, large organisations, SMEs, and individuals.
We attended the Security Counter Terror Expo at Olympia, London. Michael Sentonas, VP of Technical Strategy at CrowdStrike, gave a presentation on global trends in cyber attacks.
Real-world research compiled during 2017:
- Typical dwell time = 86 days (from network attack to being discovered)
- Lateral movement speed = 1 hour and 58 minutes (how quickly, after initial network penetration, an attacker moves laterally onto other systems)
- Anti-Virus effectiveness = 39% of all detections in 2017 were malicious software that went undetected by traditional anti-virus.
Top 5 take-aways from Michael were:
1) Know your adversary
2) Push for maximum visibility
3) Reaction speed is essential
4) Employees are the front line of defence
5) Results-orientated metrics
Every company should be working towards:
- Time to detection = 1 minute
- Time to investigation = 10 minutes
- Time to remediation = 1 hour
- Every company should carry out their own robust risk assessments of all connected equipment, systems and personnel. Undertake regular breach simulations.
- The larger the organisation, the greater the probability of a security breach, just by the sheer number of connected devices and people using its systems.
- Remember, it only takes one device that has not been updated or patched to cause a breach on the system.