Organisations Pay the Price of Chasing False Alerts

 


The average company spends almost 199 hours a week investigating malware infections on its computer systems.
Another 230 hours a week is spent on cleaning or fixing the organisation's infected devices. Despite all this time spent on investigations, around 40 per cent of infections still go undetected in an average organisation's network operating system.
This is a significant amount of time for any company to spend on investigating false positive alerts and chasing erroneous cyber alerts such as suspected malware and viruses that turn out to be nothing more than dead ends.
Chasing false alerts often results in only a small fraction of serious malware threats being investigated, leaving data exposed and businesses at risk. Too much time is wasted on determining whether there is a breach and identifying breaches, instead of establishing the malware's identity, its type and intention, and how it bypassed the anti-virus.
Once a breach has been determined, more time is spent implementing a strategy to try to stop the attack. In the past 15 years, threats have become more sophisticated as cyber criminals use social engineering techniques to gain access to organisations' systems. Unfortunately, many organisations that have been compromised by these serious threats are still not aware of the incidents.
There are six types of criminals who are likely to break into organisations' systems and perform activities ranging from identity theft to fraud to corporate hacking attacks.
1. The anarchist – He gains access into companies' websites and confidential communication information.
2. The banker – He wants bank-related information such as credit card info and client financial credentials. He is also seeking serious financial information. The selling of credit or debit card data on the black market is a well-established and lucrative business for cyber criminals.
3. The contractor – This is the emerging cyber-criminal who steals data and makes a lot of money in the black web market.
4. The arms dealer – He usually carries out fraudulent information and earns a lot more money than a genuine Web developer.
5. The special agent – He is sponsored by a country's government or private companies to investigate crucial information; he spends a lot of time working on only a few projects each year.
6. The insider threat – This is the employee or former employee who can either be negligent or malicious. When sensitive data goes missing under these circumstances, the organisation, not the employee, can be fined.
The top five threats that organisations across the globe faced in 2015 were malware, Web-based attacks, Web application attacks, botnets and denial of service. These were based on a report by the European Network Information Security Agency.
It takes an average company around 206 days to identify a data breach and a further 69 days to contain that breach. This is a significant amount of time. The time between the initial compromise and the detection phase is called the dwell time.
Organisations need to begin to consider dwell time as a key part of risk management: if the dwell time declines, that means cyber security is improving. Proactive organisations are measured on their dwell time, which is 48 hours, and are always trying to improve that time.
To be on the safe side, organisations are advised to follow the international guidelines stipulated in the Global DP Legislation Readiness Plan. Among the many recommendations, this legislation stipulates that organisations should have a data flow mapping strategy of internal and external processing.
It also specifies organisations should review Privacy Impact Assessment and measure risk compliance against the legislation.
 
Abimbola Tooki Deputy Editor BusinessWorld Newspaper 7b Regina Omolara Street off Opebi Road, Opebi-Ikeja, Lagos, Nigeria Mobile 234 802 300 0027 www.businessworldng.com
