The cyber threat to all businesses is constantly growing. This guidance paper from Giles Taylor, Head of Data and Cyber Security, Lloyds Commercial Bank, provides some steps that can help you safeguard your business, employees and assets.
“Cyber crime is a dynamic threat that can have a major impact on an organisation of any size. Business leaders are having to rapidly adapt to prepare their businesses to protect, respond and recover from cyber attacks. It is crucial to give consideration to operational, media, legal and financial planning in addition to IT resilience. This guide is designed to support our clients in making their business more secure and more resilient and ultimately to help Britain prosper,” comments Taylor.
68% of large firms have experienced a breach or attack in the last year (Department for Culture, Media and Sport, 2017)
$450 billion: the cost of cyber-attacks to businesses globally in 2016 (Lloyd’s of London/Cyence)
What are cyber threats?
Cyber threats encompass threats to any combination of information technology and digital assets, the data held on them and the services they run or provide.
The range of cyber threats is constantly evolving, but most of them involve attacking the confidentiality, integrity or availability of data or systems.
Consequences of cyber attacks are often much wider than a local IT or fraud issue. They can have a significant impact on a business, including reputational damage to the brand, for instance through the loss of customer confidence.
Other consequences can include legal or regulatory sanctions, particularly if large quantities of customer data are stolen and regulators find that business controls are not sufficient from a data privacy perspective.
Who are the culprits?
Cyber attackers are generally grouped into categories, based on their motivations and capabilities, collectively known as ‘Threat Actors’, including:
- Hacktivists: Politically or ethically motivated groups and individuals using cyber attacks to get a political message across.
- Criminals and Organised Criminal Groups (OCGs).
- Nation States/State Sponsored: Government-funded and guided attackers, primarily focused on the theft of intellectual property or confidential government information.
Whilst cyber attacks are often perceived as an external threat, insiders are often involved in an element of the attack, sometimes maliciously, but often by being manipulated by criminals to divulge information or perform a specific task.
What are vulnerabilities?
Attackers seek to gain access to systems through vulnerabilities in a business’ systems, their processes or their people. Vulnerabilities occur through flaws, features or user error, and attackers will exploit any combination of these to succeed.
Protecting your business from cyber threats
- User Education and Awareness: Produce policies covering acceptable and secure use of the organisation’s systems. Establish a training programme. Maintain user awareness of the cyber threats.
- Network Security: Protect your networks against external and internal attack. Manage the network perimeter. Filter out unauthorised access and malicious content. Monitor and test security controls.
- Secure Configuration: Create a system inventory and define a baseline build for all IT devices. Apply security patches and ensure that the secure configuration of all IT systems is maintained.
- Removable Media Controls: Produce a policy to control all access to removable media. Limit media types and use. Scan all media for malware before importing onto the corporate system.
- Malware Protection: Produce relevant policy and establish anti-malware defences that are applicable and relevant to all business areas. Scan for malware across the organisation.
- Social Media: Implement a social media policy for employees. Educate users to consider what they post online, particularly because discussing work-related topics on social media could result in their being targeted by (spear) phishing attacks.
- Incident Management: Establish an incident response and disaster recovery capability. Produce and test incident management plans. Provide specialist training to the incident management team. Report criminal incidents to law enforcement.
- Monitoring: Establish a monitoring strategy and produce supporting policies. Continuously monitor all IT systems and networks. Analyse logs for unusual activity that could indicate an attack.
- Managing User Privileges: Establish account management processes. Limit, control and monitor privileged accounts. Control access to activity and audit logs.
- Home and Mobile Working: Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline build to all devices. Protect data both in transit and at rest.
“Cyber attacks will continue to evolve, which is why the public and private sectors must continue to work at pace to deliver real-world outcomes and ground-breaking innovation to reduce the threat to critical services and to deter would-be attackers.” – Ciaran Martin, CEO, National Cyber Security Centre
Download the cyber security guidance whitepaper from the Lloyds Commercial Banking team.
For more information and guidance, visit the National Cyber Security Centre’s 10 Steps to Cyber Security guide.