Following the statements made this week by the Minister for Cyber Security, Chloe Smith that companies need to recognise that there will be times when cyber-attacks do penetrate their systems.
Comment from By Lior Arbel, CTO of Performanta Limited, a specialist information security firm
Yesterday, UK Minister for Cyber Security, Chloe Smith, commented that; “the best defence for organisations is to have processes and measures in place to prevent attacks getting through, but we also have to recognise that there will be times when attacks do penetrate our systems and organisations want to know who they can reliably turn to for help.”
The topic of rogue and state sponsored cybercrime and espionage is a pertinent issue, and the Minister is absolutely correct in highlighting the need for companies to be realistic when considering the levels of threats they could potentially be faced with.
The realisation that attacks will on occasion get through first line defences is absolutely key. It is from this realistic start point that that a company can begin to deal with the attack in a co-ordinated and collected manner.
Organisations need to start looking not just at who is trying to access their network but also at what data is trying to leave it. Through systems of data management, data leakage prevention, user profiling and access management companies can track the movement of critical data. This allows red flags to be raised if there is abnormal activity giving awareness of the threat and allowing for a proper response.