Cyber security in 2020: visibility is key
Most businesses have now woken up to the fact they need to put preventive measures in place to protect their systems, networks and data. And indeed, this is an entirely necessary first step towards resilience.
But one of the biggest risks organisations will face this year is not having visibility of the attacks their networks are facing from external sources.
To use an analogy:
Decent locks on your doors and windows are important. No two ways about it.
But would you say your home was particularly secure simply because you have these basic necessities?
They should keep out opportunists, but anyone who’s determined to get inside will be able to get past these defences with relative ease.
However, with the addition of a burglar alarm system or CCTV, maybe you would feel a little more comfortable leaving your home unattended.
Because you need a combination of approaches. You can make it much more difficult for burglars to get in with some good locks, sure. But you also want to know when – and probably as – they are trying to get in. You need to be able to capture as much information as possible. What time? What did they look like? Where did they go? What did they take? And how did they get in…
The same goes for cyber security.
Cyber attacks don’t just happen one day. A hacker doesn’t crack your system and hold your information to ransom immediately. They tend to have a sniff around. A nice long probe of your perimeter as they check for any weakness they can exploit to gain access. Then, once they’re in, they linger a while.
Because, just like burglars, cyber criminals are pretty skilled. They can get round the locks on your windows and doors. Ultimately, it’s their mission to find vulnerabilities and we haven’t yet met a business without any.
So what can you do?
It stands to reason that if you don’t know that an attack is happening, you won’t be able to put measures in place to protect yourself against it. Whether the threat is someone on the other side of the world behind a computer screen, or a little closer to home in the form of a malicious member of staff, you need to know pretty quickly when there’s unusual activity within your systems.
It’s worth noting that:
- Breaches can stay undiscovered for months, giving cyber criminals plenty of opportunity.
- Data breaches take an average of 78 days to detect – if they’re detected at all.
- Determined hackers are almost never slowed down by measures like firewalls and anti-virus solutions.
Introducing the Securious Logging and Monitoring Solution
Securious has launched a logging and monitoring solution suitable for SMEs, available at a range of price-points depending on the service required.
The most basic level (bronze package) consists of a SIEM (Security Information and Event Management) solution. These are increasingly being recognised as the backbone of a businesses’ cyber security strategy. SIEMs simultaneously tick some important compliance boxes; make it easier than ever to identify – and respond to – unusual or suspicious activity within systems and networks, and they help you keep fully accessible activity/audit records should you need them.
A SIEM is comparable to a high-tech CCTV system, in that it:
- Monitors, records and stores all activity and events within your networks and systems at all times
- Reports on all security-related incidents and events
- Learns what ‘normal’ looks like and flags suspicious or abnormal activity for further investigation
A SIEM also covers mandatory elements of some compliance standards such as:
- Centralised logging and monitoring (necessary for PCI DSS)
- Log retention – ability to trace back any incidents to obtain forensic evidence of attacks (ISO 27001)
- Regular vulnerability scanning (PCI DSS)
The Securious SIEM is powered by Assuria, based in the UK and a world leader in cyber security monitoring and scanning solutions. Assuria products are licensed around the world by government departments, defence agencies and major corporations.
But to make the most of a SIEM, you need to ensure someone is keeping an eye on the footage. A high-tech CCTV system is all well and good, but if it isn’t monitored, it’s likely going to be money down the drain.
Many businesses choose to keep the role of analysing their SIEM’s dashboard and data in-house, but for those that don’t have the resource, or need a dedicated team of specialists to monitor activity outside normal office hours, we have a solution:
The Securious SOC (Security Operations Centre)
If you imagine that your SIEM is a high-tech CCTV system, your SOC throws in a team of virtual security guards to keep an eye on everything. They watch the footage, investigate suspicious activity and look back at historic events to work out how a breach may have occurred.
SOCs have become an essential tool in large organisations over recent years but their cost has made them inaccessible for the rest of us.
The Securious SOC changes that, bringing an enterprise-level, world leading SOC within the reach of us all.
If you want a big win for your compliance and cyber security in 2020, check it out here, or give us a call to discuss how we can help. Prices from just £845 (+ vat) a month.