When reading headlines, it looks like cyber security is gaining momentum as a topic of interest. A recent study by Juniper Networks and RAND reveals that companies are paying much more attention to cyber threats and cyber security than five years ago. They are also spending a lot more money on it. However, this has not translated into increased confidence that the investments are making the infrastructure secure.
The UK Government has just published a report stating that the average cost of the most severe online security breaches for big business now starts at £1.46 million – up from £600,000 in 2014. For small and medium-sized businesses, the cost of the most severe breaches can now reach as high as £310,800, up from £115,000 in 2014.
In Germany, the Parliament may need to replace all of its software and hardware as a result of a hack. After several weeks, Trojans are still sending information from the Bundestag internal network to an unknown destination. If the replacement goes ahead, the operation would take months and cost millions of euros.
Today, cyber-attacks are more profitable than the infamous drug trade. No wonder cybercrime is a growing business…
How to diminish the potential cost?
A good way to avoid problems, at least for the average company, is to use security software that stops the attacks before they can reach the company network. There’s no need for detection or clean-up if you cannot be breached.
However, even if you have been hit, there is still a way to minimize the clean-up costs.
Jarno Niemelä from F-Secure Labs advises: The most expensive part of the clean-up effort is finding out which systems are affected by the breach and which have not been touched. Therefore, collecting and maintaining a good software inventory and a list of checksum hashes of all executable files, as well as making sure that log information covers at least the past 6 months, are good tools to minimize the effort spent on investigation, thus reducing investigation costs significantly.
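The hash inventory described above can be kept with very little tooling. The following is an added example, not code from the original post or from F-Secure: a Python script that records SHA-256 hashes of executable files and diffs a later scan against that baseline. The function names, the suffix list and the sample file tree are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

WIN_SUFFIXES = {".exe", ".dll", ".sys"}  # assumed list; extend for your estate

def sha256_file(path, chunk=1 << 20):
    """Hash in chunks so large binaries are not loaded into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def is_executable(path):
    """Regular file with an execute bit set or a Windows executable suffix."""
    if path.is_symlink() or not path.is_file():
        return False  # skip symlinks, directories, devices and sockets
    return bool(path.stat().st_mode & 0o111) or path.suffix.lower() in WIN_SUFFIXES

def build_inventory(root):
    """Return {relative path: sha256} for every executable file under root."""
    inventory = {}
    for path in Path(root).rglob("*"):
        try:
            if is_executable(path):
                inventory[str(path.relative_to(root))] = sha256_file(path)
        except OSError:
            continue  # unreadable file; a production tool should log it
    return inventory

def diff_inventory(baseline, current):
    """Sort paths into added, removed and modified relative to the baseline."""
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in baseline.keys() & current.keys()
                           if baseline[p] != current[p]),
    }

def demo():
    """Constructed sample tree: one binary is altered, one new file appears."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name in ("agent.exe", "updater.exe"):
            (root / name).write_bytes(b"v1")
        baseline = build_inventory(root)
        (root / "updater.exe").write_bytes(b"tampered")
        (root / "dropped.exe").write_bytes(b"new")
        return diff_inventory(baseline, build_inventory(root))
```

Store the baseline away from the machines it describes, so that an intruder who can modify a binary cannot also rewrite its recorded hash.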
Vulnerabilities at the core of a big part of the costs
In light of the rising number of breaches experienced over the last two years, RAND warns that cybercriminals are becoming impervious to security tools that they can develop countermeasures against, making their attacks more successful. The study finds that major cyber security cost reductions could be achieved by eliminating software vulnerabilities.
In April, F-Secure’s latest Threat Report found that software vulnerabilities are increasingly dominant among detections. In June, HP confirmed this in their own report where they estimated that about 85% of cyber-attacks could be avoided simply by patching vulnerabilities.
Still, companies do not patch… Verizon’s 2015 Data Breach Report finds that 99.9% of exploited vulnerabilities had been compromised more than a year after the associated patch was published. Furthermore, the report reveals that just ten vulnerabilities were behind 97% of attack attempts seen by Verizon in 2014.
So why are companies not patching their software if that would help them avoid costly and harmful attacks? Even with the increased publicity, some simply might not be aware of the reality of the threats. Some might think they are too small or insignificant to be interesting targets. This is a false assumption when a lot of the attacks are based on opportunity, rather than being targeted. And some may consider the cost and effort of software patching to be too big. Or they might not even know which software is run on their company network if employees are allowed to install software and applications themselves.
One way to ease the efforts related to software patching is to use an automated patching tool.