Speed is the critical factor in mitigating the damage of a cyber attack, and will remain so for the foreseeable future. This is according to 74 percent of the C-level information security executives who participated in our brand new Small Gains, Big Wins Study, which looks at the cyber security attitudes of 250 CIOs/CISOs/CSOs in UK-based companies with 500+ employees.
In the current cybersecurity landscape, zero-day threats can appear without warning and spread like wildfire. This is evidenced by the sophisticated WannaCry and GoldenEye/NotPetya ransomware strains that caused untold damage worldwide in 2017. When faced with such swift and advanced malware variants, minutes and even seconds matter.
Time is of the essence
Most information security executives are aware of major attacks within a relatively short time – 56 percent find out about a new large-scale public cyber threat within 24 hours. But when dealing with such serious and fast-moving threats, it is critical for organisations to be prepared to take action almost immediately.
There is confidence amongst information security executives in their teams of security professionals – 41 percent believe that human cybersecurity researchers are most effective at detecting cyber threats, more so than anti-malware and machine-learning techniques.
Whilst this focus on having the right team in place is not without merit, it may prove shortsighted if pursued to the detriment of technical capabilities. For instance, more than half of businesses would take more than 24 hours to patch critical company devices in the event of a breach. Faced with modern malware variants such as NotPetya that can spread within hours, this is simply not quick enough.
Every minute matters
To effectively bridge the gap between a malware outbreak and human detection, the right tools are absolutely essential. 80 percent of our survey respondents agreed that threat analytics, and the ability to quickly understand the data, is critical to both risk mitigation and business continuity in an organisation.
Adaptive anti-malware solutions can make effective use of machine learning techniques to identify suspicious files and activity, preventing the compromise of critical systems until human security researchers can patch vulnerabilities.
But the need for speed doesn’t stop with threat detection. 11 percent of the information security professionals we surveyed suggested it could take up to a week to publicly announce a large-scale cyber attack. Once GDPR becomes enforceable in May, this timescale will need to be reduced to within 72 hours, at the risk of a significant fine.
If infosec teams ensure they have taken every possible precaution to prevent a breach from happening, there is no reason why this timescale to transparency should cause a problem. This is just one example of a small change infosec executives can make in regard to GDPR compliance that could result in a huge ‘win’ for a breach-affected organisation.