
Protection from IT attacks and costs: the Axitea handbook

by admin

Marco Bavazzano, CEO of Axitea, outlines a strategy for protecting SMEs from cyber attacks while keeping a close eye on cost containment.

Protection against IT attacks and costs: a handbook for SMEs

More and more often we hear about hacker attacks on key industries in our country. While this has helped raise awareness of how important it is for companies to protect their critical assets from these attacks, in many cases enterprises still struggle to organize their own defences. As Axitea points out, in Italy 92% of active companies are SMEs, with very specific sizes, business models and reference markets that force them to allocate economic resources and skills according to business priorities, often neglecting the management of cyber risk.

Axitea: defend yourself in ten steps

The result, as highlighted by a recent survey conducted by SWG for Confesercenti on SMEs, is that “one in four (26%) has been affected by IT security problems. 52% will allocate resources to secure their data during the current year, for a total investment of almost 470 million euros”. There are some aspects, and above all approaches, that SMEs should pay more attention to in order to ensure more effective protection from cyber attacks. We have tried to summarize them in ten steps.

Think about security by design

One reason system and network security is rarely a top priority for SMEs is the ingrained belief that they are too small to fall under attackers’ radar. However, numerous broad-spectrum ransomware attacks are still launched daily against companies of all sizes and sectors, and SMEs are often the most impacted victims precisely because they are more defenseless. Companies must therefore change their approach to security: as with physical security, where anti-intrusion systems are activated to intervene promptly in the event of an alarm, it is necessary to start from the assumption that computer systems are also always at risk, and to design the integration of security technologies and expertise across the organization.


Define the risk perimeter

Given the specifics of SMEs, a standardized security project may not perfectly cover a company's scope of action or fully safeguard its activity. Consequently, it is useful for companies to define their risk perimeter: to identify specific weaknesses and existing gaps in technologies and staff education, and to establish a coherent response plan to cyber attacks.


Furthermore, this also favors economic savings: instead of investing in all the technologies available, with the consequent need for continuous maintenance and adaptation, specific technologies and strategies are identified on the basis of the individual company.


Focus on training people

In IT security, risks originating from within the organization are increasingly taking on greater weight than external ones. The definition of an IT security and data protection plan, therefore, cannot be separated from an adequate investment in personnel training. The goal is to increase awareness of the right behaviors to adopt to avoid putting the company’s information assets at risk, and to educate staff on how to react to an intrusion.

View threats to data not as isolated, but as persistent and repeated

In order not to lose valuable information, backup is no longer enough. Attacks such as malware, ransomware and APTs (Advanced Persistent Threats) are increasingly frequent, repeated and sophisticated. The ransom note, for example, actually comes when the hackers have already achieved their goal: the theft of some data. A managed anti-APT solution, for example, can help prevent compromise of the corporate network and machines, forced downtime of staff, and suspension of services until the situation recovers.

Establish an ongoing threat detection process

Cyber threats are constantly evolving, so implementing a security service is not enough to consider yourself safe. It is necessary to establish continuous and proactive detection, capable of promptly catching anomalous situations, unauthorized intrusions and IT incidents in the bud. Integrated security management in “managed” mode, such as that enabled by SOC-as-a-Service solutions, represents the ideal model for SMEs to take immediate and effective advantage of proactive and continuous security services, all at sustainable, modular and customizable costs and without necessarily bearing the cost of internal resources.


Integrate advanced technologies to refine attack responses

The greater use of new connected technological devices, as in the case of Industry 4.0, inevitably leads to a wider exposure to risk. Systems that integrate machine learning, threat intelligence and big data, if adopted throughout the corporate infrastructure, update themselves independently in relation to the evolution of the company’s risk perimeter, the evolution of attacks and new compliance requirements, and provide useful information to IT analysts to formulate timely and valid responses for incident resolution and risk mitigation.

Always do a post-attack analysis to learn from mistakes

In the event that a cyber attack is successful, a fundamental step after the recovery of the situation is to analyze what happened: what the vectors of infection were, what data was stolen and how, and how well the incident response worked. This is a crucial stage to avoid making the same mistakes a second time and to speed up responses to subsequent similar incidents, adequately documenting what happened in a clear and shared manner.


Following this logic, we must also consider testing the entire process periodically, to understand whether we are ready to follow it, whether all the planned actions are really feasible, and how long they take. These activities can be carried out with the support of companies that offer structured and ongoing adversary simulation services.

Identify a CISO with technological and strategic skills

The IT departments of companies and organizations have to face a number of challenges and activities on a daily basis that often become unsustainable: the natural consequence is that the resources dedicated to cyber security are not sufficient. In this context, relying on a Chief Information Security Officer in as-a-Service mode, as an external figure of reference, can be the solution: this figure not only possesses technical skills but also has the strategic vision to guide business decisions on information security in support of IT.


Free up resources and energy on core activities by relying on managed protection services

When it comes to security, SMEs are faced with complexity in a landscape of over-distribution, the need for constant adjustment (in terms of data integrity, privacy, compliance, IoT device proliferation, etc.) and the inability to dedicate constant resources all year round, as security would dictate. Entrusting the protection of their physical-digital spaces, by leveraging a more widespread model of “security outsourcing”, to companies specialized in the preventive and continuous management of corporate security allows SMEs to keep a high level of attention on their core activities while remaining safe.

Axitea – develop an ecosystem logic

As demonstrated by the events of recent years, the corporate value chain is increasingly articulated and interconnected, with supply and demand balances that can be suddenly affected at any moment, with significant consequences for the growth of SMEs.

Faced with these barriers, the evolution of existing business models through technology can help SMEs to lay the foundations for future sustainable growth: the more individual companies adopt defense mechanisms, the more the security of the entire ecosystem in which they operate will be guaranteed.
