From basic antivirus software to highly sophisticated network monitoring systems, we look at some of the technology solutions available to help organisations in their battle against cyberattackers.
Rise of the attacks
As technology is getting more sophisticated, so too are the fraudsters, says Neil Redmond, director of cybersecurity, PwC Ireland.
“Cyberattacks are not abating. In fact, the proportion of businesses around the world that have experienced a data breach of more than €1 million has increased by a third in 2023 compared to 2022 – from 27 per cent to 36 per cent.
“Given the geo-political instability in the world currently, the number of elections in 2024 and the advent of AI-based malware, this is a trend that we see continuing.”
Making products that are more relevant, more efficient and run smoother with less energy consumption
How your KitKat break is helping cocoa-farming families close the living income gap through an innovative programme
Renewable gas will power Ireland’s decarbonised future
All aboard: Ten great things to see and do in Heritage Week
How cybercrime affects Irish businesses
Cybercrime is one of the main causes of financial and reputational damage for organisations across the world and is a growing concern for businesses, says Redmond.
“We see third-party breaches as the top cyber threat concerning Irish organisations,” he adds. “Malicious groups are continuing to target relationships between organisations and their suppliers to gain access to the organisation’s network or sensitive data through alternate channels.”
Modern threats
Peter Strahan, CEO of Lantech, outlines some of the more modern threats he has seen: “Adversary-in-the-middle (AiTM) attacks target session token theft, allowing attackers to bypass multi-factor authentication (MFA) completely. Ransomware continues to evolve, with more advanced encryption methods and broader distribution tactics, targeting both large enterprises and SMBs.
“Phishing and social engineering attackers are using increasingly convincing methods, including AI, to trick users into divulging credentials or installing malware.
“‘Zero-Day Exploits’ attackers exploit vulnerabilities before they are known or patched, making timely updates and threat intelligence crucial.
“And ‘supply chain attacks’ compromising trusted vendors to infiltrate larger networks have become more common and harder to detect.”
Protecting businesses from attacks
There can’t be too many businesses that are wholly offline these days, so businesses everywhere and of every size need to protect themselves. Businesses should adopt a holistic security approach, leveraging AI/machine learning for comprehensive threat detection and regularly patching systems to defend against both known and zero-day vulnerabilities, says Anthony Walsh, country director for Ireland at Cato Networks.
“Key measures include implementing single-pass cloud processing for visibility and policy enforcement, adopting secure DNS despite its complexities, and shifting from unsecured protocols to secure versions like HTTPS and SMBv3.”
It can be a challenge for SMBs and SMEs to remain ahead of emerging cyber threats, says Strahan.
“However, there are some great resources. If using the Microsoft platform (Microsoft 365), find your Microsoft Secure Score – it’s benchmarked out of 100 and in our view anything lower than 65-70 can be a signal of significant risk and a lack of proper management of cybersecurity.”
Strahan says it can be tempting to buy “the latest tool” to secure a business but often this approach leaves more gaps.
“The UK National Cyber Security Centre (NCSC) has for many years had a fantastic foundational cybersecurity standard called Cyber Essentials with the entry-level a self-assessment. Any business can adopt this standard and is a great foundational step in ensuring the basics are in place. There is an expected similar accreditation coming from the Irish NCSC.”
Redmond says that when it comes to security measures, the key to remember is that the right people should have access to the right data at the right time in order to perform their role.
“This means that identity and access management is a key solution for any organisation to employ,” he adds. “These solutions should only allow authorised employees to access organisational data in a secure, structured and auditable manner.
“The concept of zero trust means that an employee/user must be clear as to why access to data/systems is required. The principle is ‘never trust, always verify’. The concept ensures continuous verification of a user connection and a context-based access control between users, applications and servers, for example.”
Education is also a key enabler of cybersecurity in an organisation. The most effective way to protect against a cybersecurity incident is the vigilance of team members. If employees know what to look for – phishing emails that can lead to ransomware, for example – then it is unlikely that an incident could easily occur. Education is perhaps more cost-effective than a technology solution and should keep pace in an evolving cybersecurity environment.
Small v large business needs
The fundamental principles of cybersecurity are the same for small and large companies but the scale and complexity of implementation can differ, says Strahan.
“Small companies may benefit from outsourcing cybersecurity to managed service providers due to limited resources. They should focus on getting basic measures such as strong passwords, MFA, managed detection and response, back-up and DR [disaster recovery], and align to a cybersecurity standard such as Cyber Essentials.
“Large companies may require more sophisticated protection due to compliance and other regulatory requirements and advanced technologies such as security information and event management systems.”
In both cases, a tailored approach that considers the specific needs and vulnerabilities of the business is crucial for effective protection against cyber threats.
In essence, while small companies should prioritise fundamental security practices and scalable cloud-based solutions, large companies require advanced threat detection systems, dedicated security teams and a robust security infrastructure to handle their more complex networks, says Walsh.