The number of cyber threats is growing, but most enterprises still feel unprepared to deal with them. The answer lies in expert assistance and formalised plans, says Networks Unlimited.
Anton Jacobsz, MD of Arbor Networks distributor Networks Unlimited, says while downtime or data breaches could literally cripple an enterprise, the majority of organisations are still unprepared to deal with cyber-attacks. This is a mistake, he says.
“It’s no longer a case of if, but when, they will be attacked,” he notes. He notes that the incidence of Distributed Denial of Service (DDoS) attacks is rising, along with the incidence of attacks designed to compromise enterprise data.
Jacobsz points to Arbor Networks research which indicates that most organisations remain unaware of breaches for months. Other research conducted by the Economist Intelligence Unit and sponsored by Arbor Networks, found that 83% of businesses are not fully prepared for an online security incident. However, organisations that have discovered breaches tend to take action.
“If organisations don’t have a focused CISO, security may be left on back burner until they are attacked or compromised,” says Jacobsz.
This “better late than never” approach often reveals a lack of suitable skills within the organisation, says Jacobsz.
“Specialist IT security skills are in short supply in South Africa. In addition, companiesthat don’t have web sites as their main business drivers, or that don’t depend on the integrity of their data, often do not have a dedicated CISO or IT security team,” he says. However, this is highly risky, he says.
“Where enterprises do not have their own, dedicated IT security teams in place to develop an advanced threat protection framework and carry out ongoing monitoring and proactive defence, they need to partner with experts in the field.”
The Economist Intelligence Unit research found that firms which have suffered an incident in the past 24 months are twice as likely to have an arrangement with a third party expert as firms that have not suffered an incident.
The more prepared firms that do have a response plan in place typically rely on the IT department to lead the process, but the majority also draw on external resources including IT forensic experts, specialist legal advisors and law enforcement experts.
The research report described this as ‘an encouraging trend towards formalising corporate incident response preparations. But it also warned that with the source and impact of threats becoming harder to predict, executives should make sure that incident response becomes an organisational reflex rather than just a plan pulled down off the shelf’.
Jacobsz notes that there are numerous specialised IT security service providers in South Africa, offering up-to-date skills across a broad base of products. “Security needs to be managed by experts,” he says.
“Enterprises need to have a full assessment done, and look at developing an advanced threat protection framework. Specialists will have resources outlining the right policies and processes and will advise on the framework to follow, looking at elements such as staff, mail, firewalls and internet protection, and then preparing a security roadmap,” he says.
In the case of an incident, detection is just the first step, he adds. Analysis, containment and remediation must follow, with steps taken to mitigate future, similar threats.