Running your business like it's the 90's
William Morrish
Continuous offensive security - Breaking into the world's most progressive enterprises. Every day.
How well would your business operate if you came into the office to find the most high tech device still running was your fax machine (if you’ve even still got one)? Would you be able to run day to day operations without your laptop, phones or website? Could you transact sales, invoice clients or even pay your staff?
Right now more and more companies are facing this challenge due to the spread of, and increasing damage caused by, today’s profit-focused attackers, with ransomware being particularly prolific. The NHS was a very high-profile victim, as were local government councils and many financial service firms. These attacks caused massive immediate operational issues, as well as long-term brand damage and disruption.
Don’t assume that ‘this won’t happen to me’ – the vast majority of security breaches happen via autonomous scans or spray-and-pray attacks, with adversaries looking for vulnerabilities to automatically exploit. Gone are the days when most incidents were perpetrated by hackers seeking a specific target. Attackers gain far greater reward by focusing their attention on particular vulnerabilities, rather than on specific companies. This is the key point affecting so many businesses: very few hackers care about you. What they do care about is what you’re running and the potential for weakness. It’s also worth noting that for every front-page story on a hack there are hundreds of other businesses, just like yours, rendered incapable overnight and unable to operate their normal day-to-day activities.
To significantly reduce your exposure to these risks you need to architect your IT security with a multi-faceted approach:
- Visibility everywhere. Ensure you have clarity of your IT estate, what you’re running, where it is and how it’s connected.
- Update your platforms, servers, desktops and all other devices to mitigate known vulnerabilities, and have procedures in place to make this routine and to continually harden your setup.
- Protect your network as much as possible (you still need excellent edge protection).
- Monitor your entire IT stack for malicious behaviour. If you only know you’ve got a problem when you walk into the office, you’ve left it way too late; this needs to be happening 24/7.
- Block at execution. Employ automated tooling to stop known and unknown threats before they take hold.
- Defend your IT stack in an effective way. Build robust operational and incident plans so that you know what to do when the unexpected happens.
Achieving all of this requires dedicated resources, tooling and processes, and depending on your company size you are unlikely to be able to do this yourself with a true around-the-clock capability. With a shared responsibility approach, your team is free to focus on where they can make the most impact.
At Alert Logic we firmly believe that the future for enterprise security is with Managed Detection and Response (MDR), where the challenging external aspects of security, such as monitoring, research and response, are outsourced to an MDR provider – without your own unlimited budget it’s an impossible task to build a team, hunt threats and monitor 24/7.
A far more effective approach is to leverage the capabilities of your MDR provider, and build an internal team that is focused on your business, your unique needs, and on continuous security improvement. In this way, your team can use advice and output from your provider to integrate those recommendations into your own strategy to remediate vulnerabilities or further investigate compromise attempts. When necessary, your team is far better equipped to work with the security provider to respond to incidents in real-time.
We have a crack team of 150 security professionals in the UK, hunting threats, researching vulnerabilities and providing 24/7 incident response for our customers. Our tooling helps to automatically block threats before they turn into breaches. Should any part of your platform be compromised, we’re on the phone in less than 15 minutes, with an expert there to guide you through the next steps to keep you secure.
- Do you know if you’re hacked right now?
- Would you know if you’re hacked at 3am on a Sunday morning?
If it’s no to either of these, you know who to call: