
Cyber resilience and digitalization

Hwei Oh
01/05/2023

According to a McKinsey survey, the COVID-19 pandemic sped up digital transformation — or digitalization — by several years. Digital interactions between customers and organizations soared to 58%, three years ahead of expectations. And the percentage of businesses that now offer some form of digital product or service is at 55%, seven years ahead of expectations!

Digitalization greatly improves efficiency. For example, bookkeeping software connects directly with bank accounts so that a company can track all its expenditures and income easily. Project management tools improve completion times and identify gaps in productivity while stock-keeping systems help companies keep track of inventory.

But despite all the improvement that digitalization brings to a company, it is also true that the more you digitalize essential areas of your business, the more impactful outages can be.

A prominent example of this is the Colonial Pipeline hack where an attacker was able to infect several systems connected with the pipeline, bringing it down for several days. The hack prompted the President of the United States to declare a State of Emergency because the pipeline is the largest and most important in the USA. The hackers gained access to the Colonial Pipeline network through an exposed VPN password. After that, they were able to inject ransomware into the network, prompting a national emergency.

Although attacks leveled at SMBs might not capture as many headlines, the message is the same: digital assets and infrastructure can be more easily disrupted or brought down than their non-digitalized counterparts.

It seems clear that digitalization has both pros and cons. Let’s look at the positive aspects first.

How digitalization helps organizations

There is almost no area of a business that digitalization can’t improve.

For example, Amazon Web Services brings scalable, enterprise-grade solutions to even the smallest of businesses. Companies no longer need to invest in expensive software and hardware, or in their maintenance; they can simply sign up for an AWS cloud solution.

Office365 and Google Workspace bring office tools to companies at a fraction of what the software used to cost. Even the overly complicated process of payroll is now solved easily through online payroll solutions, as are numerous other HR tasks.

All the above adds up to improved efficiency and a reduction in time lost. According to a study by Fujitsu, companies that embraced digitalization were 39% more efficient than companies that didn’t.

Digitalization may be vital for well-ordered productivity, perhaps even for long-term survival. But companies need to know the risks involved.

How digitalization creates risk

Data can be exposed on the internet

Digitalization increases risks in several ways. The first of those is by having your data on the open internet where hackers can get to it. While this is a necessity to work with business partners and increase productivity, the risk of losing data can lead to further compromise of systems, loss of customer trust, and even regulatory fines.

Privacy regulations, in particular, will become a larger risk for many organizations as governments around the world continue to make businesses more accountable for data breaches. Fines will also become higher and more widespread.

Downtime

Server downtime is another problem with third-party services. In June 2021, a large chunk of the internet went down — including Twitter, Hulu, Reddit, Twitch, and Amazon itself — when AWS suffered an outage.

And when cloud services provider Fastly went down around the same time, it took down CNN, The New York Times, Amazon, and Hulu with it.

Security breaches can also lead to downtime. If a threat actor takes down a major player such as Fastly, they can take down a large swath of the internet with it. 

Increased attack surface

The more a company is digitalized, the wider its potential attack surface and perimeter become. For example, the Colonial Pipeline hack mentioned above was believed to be caused by an Eastern European hacking group called DarkSide. One of its members was arrested in Russia earlier this year. Prior to digitalization, many of these systems were traditionally offline and inaccessible remotely.

It’s not just the increase in remote access, but also the number of people and their user accounts that have access. Hackers can take advantage simply by using scanning tools or deploying social engineering attacks against employees.

According to a report by NordVPN, at least 84% of Americans have experienced some form of social engineering behavior but only 51% could identify it as a cybersecurity issue.

Even top IT professionals can fall prey to social engineering, as occurred in the recent hacks against Uber and Dropbox.

Third-party data breaches

Companies using third parties to store data have little to say over third-party data breaches, yet they’re affected greatly. And third-party compromises are becoming more common than ever, such as when a misconfiguration of a Microsoft endpoint recently resulted in the exposure of 65,000 customers’ details.

The hacks were bad enough, but the PR fallout was worse, with a mudslinging match being waged between the Redmond giant and security firm SOCRadar, which first exposed the leak. SOCRadar went on to create a search engine with the leaked data, which it promptly took down following a Microsoft complaint. SOCRadar said that the search engine was supposed to help users determine what data of theirs had been taken because Microsoft had allegedly not notified authorities of the breach.

Regardless of where the finger points, data was leaked and that remains a major problem for any company using external services.

Cyber insurance might be an option here to prevent any resulting lawsuits that could come back to you because your data was stored on a compromised third-party’s server.

IT starts losing control

For better or worse, IT departments have traditionally held an iron fist over a company’s IT infrastructure. Installing applications often required IT approval and admin rights. Such a system has its pros and cons. It might be more effective at defending against cyber attacks, but it can also drastically slow down projects and, ultimately, the company’s growth.

By using external digital services and unmanaged devices without IT’s knowledge, companies start to operate with what’s called a “Shadow IT” environment, where software is installed and changes to the network are made directly by users, without IT approval.

The good news is that plenty of software and tools now exist that let IT departments do their job despite such a complex ecosystem. For example, there are analytics tools that detect anomalous behavior on a network and alert IT that something needs to be done.

Supply chain hacks

Supply chain breaches happen when a hacker gains access to your systems through a third-party supplier. The most notable of these hacks was the enormous SolarWinds hack of 2020, estimated to have been carried out by at least 1,000 engineers. Microsoft president Brad Smith called it the “largest and most sophisticated attack the world has ever seen.”

The level of sophistication of this attack was incredibly disturbing, and serves as an example of just how advanced cyberattacks have become. According to a government alert, the hackers responsible allegedly used multiple strategies to gain access to “government agencies, critical infrastructure, and private sector organizations.” 

Microsoft, FireEye, and Malwarebytes were also compromised in this epic hack.

By hacking one supplier, hackers can gain access to all the customer accounts of that supplier. Keep in mind, that includes both your own supply chain and the ones that you belong to! You don’t want to lose an important business contract due to the exposure your company represents.

What organizations can do to protect themselves

It might all sound like doom and gloom, but it most certainly isn’t. Companies that are prepared fare much better than companies that aren’t.

IBM’s 2022 Cost of a Data Breach Report says that companies with a full incident response plan in place save an average of $2.66 million per data breach. Further, companies with extended detection and response technologies in place save 29 days in response time compared to companies without these technologies.

With that in mind, let’s look at the different ways your company can protect itself:

Adopt Cyber Resilience

The first step to managing modern cyber risk is to adopt a “prevention is not enough” mentality. In order to become cyber resilient, you need to prevent, detect, and respond to threats. Preventing where you can is helpful, but it’s also imperative to identify when an attacker has gained access to a system and respond appropriately to kick them out. Swift action can drastically reduce the business impact of a cyber attack.

Sophisticated tools and technologies now exist to maximize an organization’s defense despite the move toward digitalization.

Here are some examples of these tools:

Endpoint detection and response (EDR) is a collection of technologies that help detect anomalous behavior at any of a company’s endpoints. EDR technology constantly monitors endpoints, reports suspicious behavior, blocks malicious activity, and provides suggestions to remedy any potential breaches.

Active Directory Monitoring is another technology that specifically monitors Microsoft’s Active Directory to establish if any suspicious behavior is occurring.

Also, lateral movement detection is a set of technologies that can help establish if an attack is coming from a third party.

Lateral movement refers to the wide array of techniques that cybercriminals leverage to gain deeper access to a network. They do this by exploring the network and installing remote access tools, or by attempting to gain access to different accounts.

Detecting lateral movement requires behavioral analysis and real-time monitoring technology which are used in combination to prevent such an attack from getting worse.
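
The behavioral analysis described above, as an added example (not code from SolCyber or any product): it learns which hosts each account normally logs on to, then flags an account that reaches several unfamiliar hosts within a short window. The event format, account and host names, window, and threshold are assumptions, and the log data is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample logon events: (ISO timestamp, account, destination host).
BASELINE = [
    ("2023-01-02T09:00:00", "alice", "fs01"),
    ("2023-01-02T09:05:00", "alice", "mail01"),
    ("2023-01-02T10:00:00", "svc_backup", "fs01"),
    ("2023-01-02T10:01:00", "svc_backup", "db01"),
    ("2023-01-02T10:02:00", "svc_backup", "mail01"),
]
LIVE = [
    ("2023-01-03T09:00:00", "alice", "fs01"),
    ("2023-01-03T10:00:00", "svc_backup", "fs01"),
    ("2023-01-03T10:01:00", "svc_backup", "db01"),
    ("2023-01-03T23:10:00", "alice", "db01"),
    ("2023-01-03T23:12:00", "alice", "hr01"),
    ("2023-01-03T23:14:00", "alice", "dc01"),
    ("2023-01-03T23:50:00", "alice", "mail01"),
]

def build_baseline(events):
    """Map each account to the set of hosts it normally logs on to."""
    seen = defaultdict(set)
    for _, account, host in events:
        seen[account].add(host)
    return seen

def detect_fanout(events, baseline, window=timedelta(minutes=10), threshold=3):
    """Alert when an account reaches `threshold` distinct hosts outside its
    baseline within `window` (assumed values). Events must be time-sorted."""
    recent = defaultdict(deque)   # account -> deque of (time, unfamiliar host)
    alerts = []
    for ts, account, host in events:
        if host in baseline.get(account, set()):
            continue              # normal behaviour for this account
        now = datetime.fromisoformat(ts)
        q = recent[account]
        q.append((now, host))
        while now - q[0][0] > window:
            q.popleft()           # drop logons that fell out of the window
        hosts = sorted({h for _, h in q})
        if len(hosts) >= threshold:
            alerts.append((ts, account, hosts))
            q.clear()             # one alert per burst
    return alerts

if __name__ == "__main__":
    print(detect_fanout(LIVE, build_baseline(BASELINE)))
```

The service account that touches three hosts every day raises no alert because that fan-out is part of its baseline; the same count of hosts from a user account that has never visited them does.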

Understand that this will require additional budget to address the bigger risk

The cost of your company’s security debt will be much larger than the initial funds required to improve its security posture. The United States in particular has the highest average cost for data breaches in the world: a staggering $9.44 million, which is almost double the world’s average, according to IBM’s Cost of a Data Breach 2022 report.

Cybersecurity requires budgeting. The key is to find a security solution that gives you the best value for the money that your allocated budget allows, not to cut the budget.

Work with a Managed Security Service Provider (MSSP)

The best way to sensibly stretch your budget is to use an MSSP (Managed Security Service Provider). A good MSSP will have carried out due diligence on all its suppliers to provide you with the best possible solution at the fairest price for all your cybersecurity needs.

MSSPs cover the full gamut of cybersecurity services. They do this by pre-vetting suppliers for core security services and then recommending these vendors to you based on your needs.

The MSSP business model is based on working with suppliers who deliver only excellent service, so working through an MSSP greatly reduces the risk of dealing with a subpar vendor.

Additionally, leaders save a lot of time going through an MSSP because all the hard work of finding the right supplier has been done by the MSSP.

SolCyber’s unique MSSP offering

Traditionally, MSSPs have brought together multiple vendors under one umbrella, but clients still had to deal with all those vendors themselves, including signing multiple contracts. When they needed assistance, it was up to the customer to know which vendor to call.

SolCyber took the MSSP paradigm a step further to completely eradicate confusion and complexity for our clients. With SolCyber, you only have one vendor contract, one number to call if there is an issue, and one pricing model that covers all your needs.

We offer cybersecurity services and protection that span the entire gamut of potential vulnerabilities, as well as services for recovering from those vulnerabilities. There is no area of cybersecurity that is left untouched through SolCyber’s modern cybersecurity program.

To learn more about how SolCyber can help your company protect itself from cyberattacks, contact us for more information.
