The ousting of Target’s CEO and the fact Morrisons’ CEO had to give up his bonus following recent massive data breaches show just how quickly a company’s reputation—and that of its senior leadership—can be overwhelmed by an attack on its network. With hacking becoming increasingly sophisticated and frequent, we can expect more scrutiny from regulators, shareholders, analysts and the public on what management teams are doing to protect their most valuable information.
As data security moves up the boardroom agenda, Andrew France, chief executive of cyber defence firm Darktrace, explains the top five questions business leaders need to consider to stay prepared.
1. How do you identify your biggest risks?
Risk assessment is a part of day-to-day business today—but how is this done, and how has your risk management strategy changed in response to today’s more advanced tech savvy hackers? A strong governance structure is important to supporting and enforcing this strategy.
2. What are the top 3 threats to the organisation right now—and what are you doing to curb them?
It’s great to have analytics tools that tell you about data breaches. But, when these are producing hundreds of alerts every week, it’s not possible to address them all in a meaningful way. Prioritise to ensure you focus on the most deceptive threats, rather than getting caught up dealing with swathes of minor breaches and false positives. If your team cannot tell you what the top three threats are at any one time, there is a problem.
3. What is your insider threat strategy?
Every employee carries risk, whether they have malicious intent or not. Insider threats can come from a competent user who deliberately misuses their access privileges or one who inadvertently falls victim to a phishing attack. Remember: it’s not just employees that are insiders, but people all along the business supply chain. How effective—really—is your home and mobile working policy? Have you got a clear approach for managing this internal risk?
4. Is the corporate network secure?
Trick question: if the answer you get from your IT department is ‘yes’, you have a problem. Today’s networks are far too complex, porous and interconnected to be able to secure them entirely. While strengthening the network as much as possible is important, companies need to start working on the basis that they will be hacked. They need to adopt strategies that allow them to quickly identify and counter ongoing risk.
5. Do you have the right kind of cyber defence technology within the network?
Networks are far too porous to rely on security around the outside—93% of large UK corporations have been infiltrated. Advanced threats are capable of getting round even the strongest security protocols, changing their methodologies during the attack mission to reach their goal. But all is not lost: next-generation technologies can use machine learning and the most cutting-edge mathematics to adapt to evolving threats in real time. When combined with operational and intelligence expertise, this dramatically improves a company’s ability to act on emerging threats in an efficient and pragmatic way.
- Andrew France, a former deputy director for cyber defence operations at GCHQ, is CEO of data security firm Darktrace.