The CEO Magazine Australia — November 2017

(Steven Felgate) #1
There is also the matter of resources.
“A breach can cripple an organisation,” Coles
continues. “For example, the container shipping
company Maersk estimates their recent cyberattack
will cost them US$300 million in lost revenue. Yet
we often come across frustrated security teams who
feel they’re taking a pocket knife to a gunfight. CEOs
must think about the possible consequences of an
uncontained breach and make sure their people have
the budget they need to do their job effectively.”

However efficient the security analysts may be, some
vulnerabilities are beyond their control.
“Insider threat is one of the biggest concerns for all
organisations,” says Nigel Phair, Director of the Centre
for Internet Safety at the University of Canberra. “We
all respect our staff and assume they will do the right
thing, but roughly one in five cyberattacks against an
organisation arises from inside.”
Even more damage is caused unintentionally. The
‘2017 Verizon Data Breach Investigations Report’ found
that 66 per cent of malware was installed via malicious
email attachments, and that 81 per cent of hacking-
related breaches leveraged weak or stolen passwords.
And these risks extend to the very top of the tree.
“CEOs have a responsibility for the ongoing
functioning of their organisation and also for their own
brand,” says Phair. “This is often under cyberattack
through spear phishing – malicious emails that appear
to come from trustworthy sources – so business leaders
need to be very wary of the data they post relating to
both their corporate and their personal activities.”
Ongoing education is vital to ensure that everyone
is on the lookout for, and can recognise, suspicious
activity. But mistakes happen and Coles argues that
these should never be treated as a punishable offence.
“Again, it comes down to nipping problems in the
bud,” he says. “Whether it’s a sales assistant who
clicked on a malicious email attachment or a
cybersecurity analyst who missed a breach, they should
feel confident they will be rewarded for owning up
immediately so that the damage can be contained.”

A recent Ponemon Institute study found that,
in a typical week, respondents received an average
of almost 17,000 malware alerts.
“Even if a company had 20 dedicated cybersecurity
analysts, each one would have to review about 150
alerts every day,” says Kumar Saurabh, CEO and
co-founder of security intelligence automation platform
LogicHub. “If this leaves them feeling overwhelmed and
fatigued, they’re much more likely to miss a breach.”

The combination of monotony and pressure can also
lead to low job satisfaction and high rates of attrition.
This is not only very expensive, but replacements could
also be hard to find. There is already a worldwide skills
gap and, according to the eighth ‘Global Information
Security Workforce Study’ conducted by the Center for
Cyber Safety and Education (ISC)², this will widen to
a 1.8 million shortfall in qualified workers by 2022.
Saurabh suggests automating as much of the routine
workflow as possible.
“This use of automation would leave analysts free to
focus on investigating and solving real problems,” he says.
Advances in two specific technologies have made
this possible.
“Data analytics platforms are processing more
information faster,” says Healy. “This provides greater
insight into abnormal behaviour, which may signal a
security incident. At the same time, machine learning
has introduced the ability for security systems to ‘learn’
the behaviour of an organisation and so reduce the
number of false-positive alerts.”
Varying the analysts’ responsibilities can help
to keep them engaged.
“Instead of maintaining a separate team for
investigations, you could rotate staff between
investigations, operations, penetration testing and
engineering,” Healy continues. “This also gives you
a larger pool of resources in the event of a crisis and
provides a development path for career progression.”
The culture of the organisation can also play
a vital role in maintaining security.
“Transparency is very important. The information
technology team should have a clear understanding of
where management is taking the business,” says Coles.
“Loyalty is built on inclusion and feeling that your
contribution is recognised.”

Risk analysis | INNOVATE