How companies can detect cyber attacks early to minimise damage

cyber security

The recent wave of ransomware attacks might give the impression that cyber criminals want their pay-off immediately says Benjamin Hosack; Chief Commercial Officer of cyber security firm Foregenix.

Yet, he points out that they often exploit security breaches over the course of months and even years, in covert attacks that can do far more damage to an organisation.

So what can businesses do to minimise the chance of their websites being hacked? Benjamin outlines the steps organisations should take.

Breaches of security are getting more expensive and it’s often the small firms that are worst affected. Visa for example, imposes a fine of up to €18 for each stolen set of card data from European merchants. It can take six months for the average trader to realise they have been hacked. As an example, a business with 100,000 transactions a year, could face a fine of roughly €450,000 – a potentially fatal loss for an SME.

Larger enterprises are no less vulnerable. A lone hacker that took down British Airway’s website for one hour caused a £100,000 loss. It doesn’t take much imagination to factor in the reputational damage of such incidents.

And there’s another issue, all businesses must now report breaches of their customers’ personally identifiable information security with the General Data Protection Regulation (GDPR).

This demands security breaches be reported to the authorities within 72 hours of detection if personally identifiable data is at risk. You have probably heard, many times, fines for a failure to do so can amount to 4 per cent of worldwide turnover or 20 million Euros.

The good news is that all businesses can improve their ability to identify attacks early and substantially reduce possible damage, with quite straightforward activities:

Install updates

Our own research based on 80,000 European websites found that 80% are vulnerable to cyber attacks and the main reason is a simple failure to install the latest updates. So, patch or update all software.

Use threat detection services

Specialist cyber security firms provide high–end Managed Detection and Response Services to cyber threats.  As most organisations struggle to detect the threats in the first place, this type of service is vital in reducing the likelihood of experiencing a catastrophic breach in your business.

Use a honeypot

Honeypots are decoys that appear to be legitimate components of an organisation’s network, containing valuable data.  As soon as a honeypot has attracted the attention of the cyber criminal, a warning is triggered. Combining a honeypot with other security controls provides an additional layer of security and is highly recommended.

Train your employees

The biggest cyber security weakness in an organisation is the people. Keep your team trained, including non-technical staff. Keep everyone up to date with the latest cyber threats security. Everyone should be aware of threats and how the business might be attacked so they can raise the alarm.

Monitor security alerts daily

Attack traffic usually has a very specific pattern and hacked business systems can be detected quickly if security alerts are being monitored across the business.

Learn from the past to predict future attacks

Cyber criminals certainly do like to strike in the same place twice – and often by the same methods. Pre-emptive action and monitoring based on past attacks can lead to quick identification of a security breach.

Organisations that follow these actions will also reduce any potential damage, financial and reputational, by showing they have been proactive in their approach to cyber security.