The current model for Cyber Security just isn’t working – Cyber Security systems are broken.
More and more Large Enterprises are being breached by determined, sophisticated Criminal Networks using widely available Ransomware tools that quietly breach our “Cyber Secure” infrastructure with ease. The fact is that the mainstream Cyber Security vendors are stuck in the past sweating “path dependent” legacy security infrastructure assets, whilst at the same time frantically trying to catch up with the threat landscape by acquiring the latest “predictive analysis” IP from juvenile start-up tech companies with no track record. Overlay the undoubted ineptitude we see every day in most in-house Information Security resources, who are entrusted to protect your Information Assets and “guess the source” of the breach on your behalf, and you can see a real recipe for disaster in the profile of the recent breach events.
So what is the answer?
Trustify has been “quietly” monitoring and analysing the trends and outcomes of breach events for the last 3 years, and we have been developing a suite of Cyber Risk Management technologies designed to leapfrog the Cyber Crime Community’s current focus.
Let us give you a real example:
Most of the recent, highly publicised breach events have involved injecting and hiding an instance of Malware on the target’s mission-critical infrastructure. These infiltration events are typically disguised as DDoS attacks, where the target’s infrastructure is flooded with connection requests and the real threat is sometimes missed. This mainly results in a focus on killing the DDoS attack – but by that time it is too late: the deed has been done, the target has been “sold a dummy” and the Malware has been planted.
What is deeply concerning about this category of Malware is its ability to stay hidden and deliver large volumes of sensitive customer data back out to crime servers. This TOR-category breach uses crypto sessions to communicate back out to the dark side of the web, typically without being traced by the target’s monitoring technologies. These are rarely up to date.
By largely ignoring the vital importance of strong End Point Encryption practices, targets are leaving the front door open to these attacks. Another worrying trend is that most of the data the Malware is targeting is also unencrypted at rest. So no matter how many layers of Intrusion Detection and Protection the target has in place, the key asset is wide open to being breached.
Most Incident Response structures and processes are multifarious, if present at all, and there are no standard practices. This creates a culture of guessing around breach events, often culminating in an unstructured panic rather than a “root and branch”, “drains-up” approach to the breach. There are very few global players in the Forensic space with the Tools, Resources, Processes and Expertise capable of handling the scale and profile of recent events.
We know this because we have been advising Enterprise organisations for over 20 years on Data Encryption Best Practice. Those who have taken our advice stay safe, and those who haven’t, despite receiving our regular bulletins on the poor state of their End Point Encryption posture, are being regularly hacked. Remember, only c. 2-3% of major breaches make the front page.
So, we have watched, considered, designed, developed and tested a new generation of Cyber Risk Management tools to ensure that our customers fully understand what is going on, how to combat these daily risks and, most importantly, how to persistently protect their key Information Assets. We have also taken this a stage further and involved a major Cyber Risk Insurer in our service-build, which bridges the gap between Cyber Risk Tracking and Mitigation and is designed to reduce insurance premiums.