Cyber Resilience – A Cost of Doing Business

The last years have seen near-constant revelations of large organizations and government agencies suffering from cyber-attacks. These attacks can be heavily damaging taken into account that the recent year has accelerated digital transformation efforts causing a shift towards cloud migration and remote work. One recent example is the cyber-attack on one of Netherlands’ largest automotive manufacturers, imposing the suspension of employee’s daily work activities and production; consequently causing great damage to the business.

Why do hackers attempt to gain access or control of companies' vital information? Most often it is for financial gains as in ransomware attacks. Proprietary, client, and employee information can all be exploited if they fall into the wrong hands. Additionally, ransomware attacks can impact food supply chains and leave both consumers and retailers scrambling to keep up. There is also the case of corporate espionage, where outside entities are attempting to gain confidential data about a business. Ultimately, cyber defense is about protecting information that is key to running the business - solely for the business and not in the public domain.

Zero Trust Cyber Security

Cyber security operates on top of your existing systems. The older model, “walls and ditches” is outdated. This setup had the business as the wall and anyone with the keys, ideally employees, could enter and access information. It’s ineffective against hackers because all they need to gain access is the key. When businesses moved from local storage to the cloud, this approach no longer worked.

The newer and more secure model is called Zero Trust. This asks that all users whether they’re in the organization or outside, to be continuously validated before gaining access. Per the ongoing validation, Zero Trust monitors activities across the network and can see which assets are accessed in real-time and flag any anomalies. It places emphasis on understanding user behavior to gain an intelligent picture of whether it’s truly the person or an intruder.

Why Zero Trust?

It’s about much more than working remotely. Humans now have more connected devices than ever before - thus, companies have a lot more endpoints to worry about. There are also significantly more SaaS solutions that need to be secured, making a borderless model a more effective choice for global workforces.

Zero Trust ideally operates on an artificial intelligence model. It can see which user is trying to gain access, where they are, which device they’re using, if their local software is secure, what they typically access, and what they are trying to see. For example, if a user typically accesses the network from their iPhone in the UK, but they try to login from their laptop in Scotland, the security protocols will flag it as unusual. It’s not that the user’s credentials are not trustworthy, it’s that their behavior is not the norm, and they need to be validated again. Essentially, this model paints a clear picture of every user and acts quickly when anything is out of character for them.

Overcoming Resistance

New policies and programs can be met with resistance from employees. This is typical if it’s implemented in the wrong way or with minimal information. Where multifactor is only triggered in certain situations such as travel or specified time windows, any new implementations need to be less intrusive. If you ask your people for multi-factor authentication every day or too often, that can cause resistance. The resistance could make them against more security policies. Remember to keep the end-user in mind when you add new protocols.

In addition to being user friendly, people need to understand why things are done. For example, when companies use complicated third-party software to transfer data, users might feel more inclined to use their emails instead, even when it’s against policy. Ultimately, people prefer efficiency so keeping them in mind when implementing systems is key. When people understand the reasoning, they are much more willing to cooperate and help manage the process from end to end.

Working Past Fear

The trouble with security is it can be implemented hastily and from a place of fear. When major breaches happen, it is all over the news. Companies feel the need to act because they don’t want to share the same fate. However, new protocols are either integrated too quickly or only discussed. The best implementations happen when there is a consultant there to aid and assist the organization and its members through the new process. Also, the most effective implementations have a mindset change. Everyone in the organization needs to be onboard and understand why these things are happening.

Cyber Defense - A Cost of Doing Business

Cyber defense, in our experienced opinion, should be considered as a day-to-day constant business expense. While we know we need to pay our taxes, benefit packages for employees, raw material costs, costs for rent, none of those can exist if information is stolen and exploited. It’s a necessary insurance, adding structural support to existing business insurance. Depending on the size of the company data breaches can cost millions in direct and indirect damages and cyber resilience is needed to significantly reduce the risk of these damages.

When we all began working from home in the spring of 2020, it was a hackers’ dream. Companies that didn’t have safeguards in place such as VPNs or up-to-date software suffered. Employees were accessing proprietary company data and programs on their home computers and home networks. What did this mean for businesses? It’s like leaving your car unlocked and the keys inside. Anyone with strong technical knowledge could see the situation as an easy grab.

Successful Implementations

Avanade has been instrumental in helping SMEs and Enterprise-level businesses protect their assets in a way that is highly secure and scalable. The strongest implementations take place when the business has the help of a consultant through the entire process. MFA is a great first step, but having an outside party looking closely at the business risk and measures will have your business well-positioned to determine where to invest in cybersecurity.