IT security is the first priority when preparing for risks


Organizations today are increasingly aware of the threat posed by cybercriminals. However, the way they react to it is changing, with a growing focus on risk management.

As IT has become central to every organization’s operations, a threat has grown with it: not only are cyberattacks becoming more common, but in today’s hyper-connected world, the consequences of success are worse than ever. In response to this, ever more sophisticated security solutions are being deployed, including the use of active threat hunting and artificial intelligence.

Beyond technology, there has also been a broader transformation. Increasingly, companies want to assess their readiness from a risk management perspective, and are turning to specialist managed service providers to identify the risks they face so that they can prepare for them.

Of course, risk cannot be measured if the IT estate itself is not understood, so making sense of the systems an organization uses is an essential first step.

“What we do is a gap analysis, CIS and NIST, analyzing the business from an IT perspective,” said Fergal Meehan, government relations manager at managed security specialists Paradyn.

Paradyn’s methodology uses a traffic light system to explain to the company how vulnerable it is and where its weaknesses lie.

“If there is something like a telephone system, for example, it will be a red, an orange or a green, and then we determine what the risk is for the business if it is orange or red. It is very important to explain it to the management,” he said.

Working with public sector clients, Meehan found that these organizations were more inclined than ever to take security seriously and were now ahead of some parts of the private sector.

“Supply can be a problem. Public bodies tend to know what they want, but the procurement process can be difficult,” he said.

“Certainly we have seen a lot of growth in security awareness.”

First and last line of defense

With IT security, the mantra has long been that attacks are not so much a case of “if” as of “when”. With this in mind, information security itself, important as it is, is not the only method of managing and mitigating risk.

Meehan said that alongside traditional security measures, any serious risk mitigation strategy will take backups very seriously, because getting an organization back up and running after a problem or breach is one of the most crucial tasks.

“Most of the time it’s about backups. You can have all the systems and hardware in place, but ultimately the key defense is backup,” he said.

That doesn’t mean security is any less important, and Meehan advocates a “zero trust” model that starts at the device level. It’s about acknowledging the reality of the growing threat and ever-widening attack surface.

“There’s no such thing as being risk-free, so what’s the best thing to do? Well, to have good, good backups.” Ransomware is one of the best-known threats.

Backups themselves can be, and often are, a target as well, so they must be immutable. If they are not, attackers can encrypt them too, and the business will not be able to get back up and running after an attack.

“[We do] offsite backups, which are tied to the space around disaster recovery. We discard safeguards, creating immutability. This means you have a read-only version of the backups, so they themselves are protected from the threat of ransomware,” he said.

By working with a managed service provider, companies can set recovery time objectives (RTOs) and recovery point objectives (RPOs), backed by a comprehensive service level agreement. That is not the point to sit back and relax, however: backups must be tested to ensure that they actually work when called upon.

“It’s important that you do your testing, and if you don’t have the expertise in-house, your service provider can do it for you. You have customers who prefer to do it themselves because it means they don’t have their eggs in one basket: they have backup as a managed service but they do their own in-house testing,” Meehan said.
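Testing a backup means restoring it and checking the result, not just confirming that the backup job reported success. The following script is an added example written for this article, not Paradyn's methodology or tooling, and it covers the three points made above: the restored data must match what was backed up (so a backup that ransomware has reached is caught), the snapshot must be recent enough to meet the RPO, and the restore must finish within the RTO. The backup layout it assumes (a `data/` tree plus a `manifest.json` of per-file SHA-256 digests and the snapshot time) is a hypothetical format chosen for the example, and the files, dates and objectives are constructed sample data.

```python
# Added example for this article: an automated restore test. This is an
# illustration, not Paradyn's tooling. The backup layout (data/ tree plus a
# manifest.json holding per-file SHA-256 digests and the snapshot time) is a
# hypothetical format chosen for the example.
import hashlib
import json
import shutil
import tempfile
import time
from datetime import datetime, timedelta, timezone
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            digest.update(chunk)
    return digest.hexdigest()


def take_backup(source: Path, dest: Path, taken_at: datetime) -> Path:
    """Copy the source tree into dest/data and record a manifest of content hashes."""
    shutil.copytree(source, dest / "data")
    manifest = {
        "taken_at": taken_at.isoformat(),
        "files": {
            p.relative_to(source).as_posix(): sha256_file(p)
            for p in sorted(source.rglob("*")) if p.is_file()
        },
    }
    # In production the manifest belongs on a separate, read-only store, so an
    # attacker who can rewrite the data cannot also rewrite the expected hashes.
    (dest / "manifest.json").write_text(json.dumps(manifest, indent=2))
    return dest


def restore_test(backup: Path, restore_to: Path, now: datetime,
                 rpo: timedelta, rto: timedelta) -> dict:
    """Restore the backup and report whether it is intact, fresh enough and fast enough.

    integrity_ok: every restored file matches the digest recorded at backup time
    rpo_met:      the snapshot is no older than the recovery point objective
    rto_met:      the restore completed within the recovery time objective
    """
    started = time.monotonic()
    manifest = json.loads((backup / "manifest.json").read_text())
    taken_at = datetime.fromisoformat(manifest["taken_at"])

    shutil.copytree(backup / "data", restore_to, dirs_exist_ok=True)

    corrupt = [
        rel for rel, expected in manifest["files"].items()
        if not (restore_to / rel).is_file() or sha256_file(restore_to / rel) != expected
    ]
    elapsed = timedelta(seconds=time.monotonic() - started)
    return {
        "integrity_ok": not corrupt,
        "corrupt_files": corrupt,
        "backup_age": now - taken_at,
        "rpo_met": now - taken_at <= rpo,
        "restore_time": elapsed,
        "rto_met": elapsed <= rto,
    }


def demo() -> dict:
    """Constructed scenario: a healthy backup, a stale one, and one hit by ransomware."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        source = root / "source"
        (source / "db").mkdir(parents=True)
        # Constructed sample data standing in for an organization's systems.
        (source / "db" / "orders.sql").write_bytes(
            b"INSERT INTO orders VALUES (1, 'widget');\n" * 200)
        (source / "pbx.conf").write_text("phone_system: pbx01\n")

        taken = datetime(2024, 3, 1, 2, 0, tzinfo=timezone.utc)
        backup = take_backup(source, root / "backup", taken)
        rpo, rto = timedelta(hours=24), timedelta(minutes=30)

        # 1. Tested six hours after the snapshot: intact and within RPO.
        healthy = restore_test(backup, root / "r1", taken + timedelta(hours=6), rpo, rto)
        # 2. Same backup tested two days later: still intact, but too old for the RPO.
        stale = restore_test(backup, root / "r2", taken + timedelta(days=2), rpo, rto)

        # 3. Simulate ransomware reaching a writable (non-immutable) backup: every
        #    byte of one file is transformed, as encryption in place would do.
        victim = backup / "data" / "db" / "orders.sql"
        victim.write_bytes(bytes(b ^ 0x5A for b in victim.read_bytes()))
        tampered = restore_test(backup, root / "r3", taken + timedelta(hours=6), rpo, rto)

        return {"healthy": healthy, "stale": stale, "tampered": tampered}


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, {k: result[k] for k in ("integrity_ok", "corrupt_files", "rpo_met", "rto_met")})
```

Run directly, the script reports the three outcomes. The tampered case is the one that matters most for the argument above: the backup job completed, the files are all present, and only a restore with an integrity check reveals that the data is unusable. Keeping the manifest (or the whole backup) on an immutable, read-only store is what prevents that scenario in the first place.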

Of course, one of the reasons a managed service provider performs regular testing may be that an organization doesn’t have an in-house IT team. Another, however, could be that the IT team is already overloaded with work just keeping the lights on, and that’s precisely when the risk of a breach will be at its highest.

“Even those with IT departments are under so much strain these days, especially with cybersecurity,” Meehan said.
