Why business leaders need to evolve their approach to cyber security

In this article, CEO Pete Woodward explains why we are moving into a new era for cyber security, where traditional accreditations are not in themselves enough.?

Instead, we need to integrate continuous monitoring of our systems and devices to protect against the latest and most serious threats…

As CEO of a cyber security company that helps numerous clients achieve compliance goals like ISO 27001, Cyber Essentials and PCI DSS, it might appear I am about to bite the hand that feeds me…?

Why?

Because I am going to express reservations about the extent to which these accreditations should reassure us in today’s world.?

You wouldn’t assume a car is in tip-top condition today because it passed its MOT 7 months ago

The problem, in a nutshell, is that threats are evolving at an ever-increasing pace. We need to know we are safe today, not that we ticked all the boxes at our last assessment three (or whenever) months ago.

My argument, however, is not that accreditations like?ISO 27001,?Cyber Essentials?and?PCI DSS compliance?are not valuable. They really are. But on their own, they are no longer enough.

That’s because they all depend on a single-moment-in-time annual assessment.?

It’s like assuming a car is in tip top condition today because it passed its MOT 7 months ago. The MOT is important, but so is regular checking and maintenance.?

With cyber security, it has to be exactly the same. For many business leaders that will require an evolution in their approach.

Adding a ‘live’ MDR element to your cyber security defences

What matters most is whether your systems and devices are secure now, not whether they were at some stage in the past.?

To enable you to answer this with confidence, you need to be able to see what’s happening and ensure you are alerted if anything goes wrong.?

In technical terms, we’re talking about?MDR services?where MDR stands for Managed Detection and Response.?

An MDR service is a package built on the back of a SIEM (Security Information and Event Management) solution that will monitor your network 24/7. It does this by collecting logs from multiple devices across a network (cloud and server) and amalgamating the data into a usable form.?

In the MDR service, this monitoring and logging is combined with alerts if the system detects threats or abnormalities and triage from a team.

So what difference does a ‘live’ MDR service make to your cyber and data security?

It’s no exaggeration to say that a live MDR solution changes everything.

Most importantly, it gives you visibility (or observability as the Americans have started saying).?

After all, if you can’t see what’s going on, you can have little or no chance of fixing it. But you can take control when you can see what’s happening: who is logging in, when and where from, which files are being accessed (or downloaded), whether software patches have been applied and so on.

What’s more, if you do suffer a breach, you have a decent chance of spotting it quickly, working out what went wrong and minimising the damage.

Best of all for many business owners – especially for SMEs – is that an MDR service comes with expertise. This means you don’t need to rely on your existing team, IT support or on recruiting new people. Instead qualified experts will interpret the alerts and reports and advise you what they mean and what you should do.??

Are you saying this makes accreditations like ISO 27001 and Cyber Essentials redundant?

No! Absolutely not.?

The traditional accreditations-approach is still incredibly important and something we wholeheartedly recommend.?

Achieving and maintaining accreditations helps organisations to get their systems, technology and processes into good shape in the first place.

It also helps give organisations a reputational boost. This means they can demonstrate their suitability to customers and as part of supply chain due diligence.

What I am suggesting is that, on their own, they aren’t enough to protect against the most serious current threats.

However, you get the best of both worlds when accreditations are combined with a live MDR service. This ensures a solid foundation with 24/7 monitoring, which will give you a level of continuous reassurance that isn’t possible any other way.

To return to my car analogy… It’s like passing your MOT so you know everything is sound… But then getting immediate alerts whenever your tyres need inflating or your oil needs topping up.

Most modern cars now do this, but most organisations aren’t in the same place with their cyber security.

MDR – not just affordable but a highly cost-effective investment

In the past, MDR solutions that delivered this kind of visibility and monitoring were only accessible to the largest organisations. The good news is that’s changing! It has been my mission to help make them accessible for all organisations who care about protecting their data.

It is now possible to have an MDR solution active across an organisation for a monthly fee no more than you would spend on a few Office 365 licences.

And by having the MDR, organisations can eliminate or reduce many other lines of spending. For example, an MDR will provide much of the documentation required for compliance with PCI DSS. This will reduce both the time and spend otherwise required. Similarly, it will eliminate the need for regular vulnerability tests and reduce the need for expensive penetration testing.?

All things considered, an MDR should be an excellent and highly cost-effective addition to your environment. It is the perfect complement to your cyber security and information management accreditations.

Want to learn more about MDR (Managed Detection and Response) and how it would improve your cyber security?

If you’d like to understand more about what a Managed Detection and Response (MDR) service can bring to your organisation, please get in touch and we’d be delighted to talk you through it or answer any questions.

Or if you'd like to learn about how Troy, the UK's leading group of industrial engineering supplies, are using our MDR solution to protect their data and assets round the clock, check out our latest blog by clicking here.