Today’s news that TalkTalk has been subject to a cyber-attack is another example of the ever increasing rise of high profile security breaches. No organisation can be 100% safe from a cyber-attack, with a number of major organisations worldwide breached this year.
What is important is reducing the ‘Time to Detect’, as in most cases an attacker is in your network for days if not months before they are discovered – the industry average is over 200 days.
In today’s dynamic environment the perimeter of your network is difficult if not impossible to define, and this means that the number of possible attack vectors has greatly increased, yet for most organisations the sheer scale of the problem is overwhelming their limited internal resources.
Traditional preventative controls (such as signature based malware, IPS/IDS) although still pertinent need to be complimented with more detective and reactive controls ( such as SIEM, Deception Technologies and Sandboxing) to limit the impact of a breach. Furthermore, a company’s cyber security policy must permeate the business, to also include governance, process and staff training. This ensures that in the event a breach, it can be identified quickly and dealt with efficiently, and limiting data loss and the resulting brand damage.
armadillo can help advise organisations on the best way to reduce their attack surface, and by using automated and intelligent tools help you identify an attack quicker and before significant damage is done. Visibility is key to identifying and managing risk – if you don’t know where your assets reside, and who is accessing them, then it is impossible to quantify and mitigate the risk, you need to be one step ahead in the continuous race against the bad guys. Sometimes it can be as simple as restricting access to applications and data on an as-needed basis, or maybe using threat intelligence data to augment your existing security solutions, to turn raw data, i.e. event logs, into actionable data such as there is a machine on your network that is communicating with a known command and control server. armadillo work with the major security vendors who operate in this space – RSA, LogRhythm, Webroot Brightcloud, TrapX and RiskIQ to name a few. Why not let armadillo discuss the latest cyber security solutions and see how they can address the security concerns that you have in your organisation?
For further information, call us on 0208 0888 222.