The UK’s newly appointed Minister for the Digital Industries Matt Hancock gave his first speech on cybersecurity last month. Hancock is tasked with managing government policy towards the fast growing digital and creative sectors, ensuring they continue to thrive. Speaking to an audience of businesses he acknowledged that the “vast majority of cyber attacks exploit basic weaknesses” and called on all organizations to prioritise “good basic cybersecurity.”
It’s encouraging that the Minister recognises this problem, because the fact is: the security industry has gone too far towards the bleeding edge in pursuit of new methods while neglecting some of the elementary principles. As a result, unsophisticated attacks increasingly succeed in breaching private and public sector organizations, even when they are protected by highly complex and expensive security systems. PWC have found 2015 saw a 38% increase in security incidents compared to the year before.
Rather than over-complicating cybersecurity, organizations need a way to accurately monitor endpoints and be able to quickly affect change. This basic principle is true even in highly complex, massively latent, or challenging network conditions. The Minister didn’t expand on why companies make these basic mistakes, but we hope that the UK’s new National Cybersecurity Centre, which is expected to open next month, will prioritise helping organizations address the errors that crop up time and time again.
One thing is for sure, there is no problem with funding cybersecurity initiatives. Forbes estimated the global cybersecurity industry was worth $75 billion at the end of 2015 and will hit $170 billion by 2020. Businesses are throwing money at the issue yet reports continue to show how the number of attacks are increasing month on month, week on week.
With all this as background, there’s a natural temptation for organizations to jump ahead and deploy the latest point tools while forgetting to ask the basic questions. Can we count the number of machines on the network? Does my organization know the number of users with admin rights? Could we identify vulnerabilities and then quickly patch each one? This is little more than simple counting and the ability to act swiftly to mitigate, isolate or trace a threat – but it’s a method that would improve security and save organizations money.
When companies focus on getting the basics right, it is amazing what companies discover about their own systems. From our own perspective at Tanium, we’ve seen our clients be able to fix issues they never even knew they had:
These are all real world examples that illustrate the value of total visibility and control at speed and scale. The UK has some shown some encouraging signs of recognizing the need to improve basic hygiene and we look forward to seeing more of their approach in action. The first role of the National Cyber Security Centre (due to open in October) when advising businesses, should be to ensure they adopt good visibility across their networks.
However, we’re also mindful that the British Government needs to ensure it takes its own advice. A worrying report from the National Audit Office recently accused Whitehall of not taking its own information security seriously. The new Minister has shown he understands some of the big cybersecurity issues facing the UK, but he must make sure this approach is followed in the public sector as well as in business.
Like what you see? Click here and sign up to receive the latest Tanium news and learn about our upcoming events.
About the author: Dylan DeAnda is a Senior Director of Technical Account Management in EMEA for Tanium, with a focus on EMEA customers and their unique challenges. DoD Commanders have called him a “horse whisperer” and a “cat wrangler” for their Security and Operations Teams. He has provided Common Operational Picture solutions for Joint and Coalition Forces Commanders in the U.S. and overseas. Prior to supporting our nation’s War Fighters, Dylan supported the nation’s largest commercial entity’s cloud-based operations. He has written and edited technical books on Microsoft Internet Information Server 5.0 and Microsoft Application Servers. Prior to his career in technology, Dylan served in the U.S. Army as a Korean Linguist, specializing in Military Intelligence and Electronic Warfare.