Cyber

A holistic approach

by Mark Rowe

With cyber-attacks on the rise, how can organisations fight back against criminals? asks Andrew Smith, Chief Information and Strategy Officer at Kyocera Document Solutions UK.

As technology becomes more advanced, so does cybercrime. From 2022 to 2023, 75 per cent of security professionals observed increases in cyber-attacks, while a Statista analysis estimates that the cost of cybercrime will rise to $13.8 trillion globally by 2028.

Ransomware as a service has left cyber tools more accessible to threat actors, and AI is now playing a key role in cybercrime with dynamic action, code, and approach. Endpoints continue to be a key exposure point with the continued use of remote and home working, with phishing and social engineering surging as an entry point for attackers. It is no surprise that many consider cybercrime the number one threat to organisations.

This raises the question of how businesses should safeguard themselves against cyber-attacks in 2024 and what steps they can take to reduce the chances of experiencing major security issues. Businesses must focus on cyber hygiene to improve their security posture and prevention. This includes vulnerability management, configuration management, patch management, identity management and education, as well as a company’s overall policies, processes, and approach.

There are a huge number of areas to focus on, but certain measures – such as endpoint protection, device encryption, ransomware protection and fully integrated cybersecurity services – can make a real difference.

Managed endpoint detection

Unfortunately, the threat of attack is “when”, not “if”, and businesses must adopt managed detection and response (MDR) across endpoint (MEDR), cloud (XDR) and network (NDR). This ensures behavioural changes are detected and investigated, zero-day exposure is managed, and a team can respond when needed.

Deploying the correct managed endpoint detection and response (MEDR) capabilities allows organisations to monitor all connected devices across their business, ensuring each has adequate protection against impact from threats such as ransomware, malware, and phishing attacks. This means businesses no longer have to rely on outdated legacy antivirus software, which makes it extremely difficult for IT teams to keep up with the volume of threats.

MEDR means the end user has to do much less of the threat-hunting themselves, because the service proactively spots issues and identifies the root cause of an attack. This allows organisations to take action to prevent a recurrence.

Adding encryption

It is important that printers and scanners are not neglected when it comes to endpoint security, particularly given that many still seem unaware of the risk they can pose. Businesses should set up encryption for all devices to safeguard them against threats, with this encryption covering all aspects of the device, including hard drives and flash storage.

Wider network encryption is also essential, as internal printer encryption will not be enough. Network encryption ensures that data is protected as it travels from server to printer, which is particularly important if businesses operate with a wireless office network. Wireless devices are often situated outside physical office spaces, meaning an outsider could connect to one’s network, read data and transmit it to printers.

Anti-ransomware network monitoring

According to Sophos, the average cost of a ransomware attack on a UK business stands at an eye-watering £1.96 million, and ransomware is the largest cyber threat to organisations in 2024. With this in mind, having the correct anti-ransomware network monitoring appliances in place is essential. A proactive, multi-layered approach which prevents, protects, and immunises backup data from attacks is recommended. Initial defences should go back to basics and be managed through next-gen antivirus and malware detection software on all devices and the network, together with user awareness and training.

Third-party managed backup solutions provide a solid shield against ransomware attacks. To avoid data loss, copies are stored in a secure, hybrid or off-site cloud repository, protecting an organisation from unauthorised access, corruption, onsite destruction, or data theft. Such solutions alleviate fears of ransomware attacks, as organisations know they have a last line of defence if a ransomware attack does strike.

Cyber Security as a Service

In the event of a cyber-attack, businesses must focus on having the correct response and having the right skills at the right time through Cyber Response services. This ensures that impact is reduced, systems are secured and remediated, and businesses can recover, learn and repair as required.

To ensure all the bases are covered, it is a good idea to implement Cybersecurity-as-a-Service (CSaaS). This enables organisations to safeguard themselves against cyber-attacks quickly and cost-effectively while having expert support, training, and tools on hand to ensure their capabilities are constantly evolving.

Managed service providers delivering CSaaS can help ensure organisations are aligned with regulations and leading cybersecurity guidelines such as the NIST Cyber Security Framework. It is important to work with a partner that delivers a portfolio of services that can deal with the ever-changing threat landscape and ensures maximum protection.

There is no silver bullet when it comes to protecting the organisation from cyber-attacks, but business leaders must make savvy choices to ensure measures are implemented in a holistic fashion. It is important to look not just at the most popular or obvious capabilities, but also at endpoints that are often overlooked. Adopting integrated cybersecurity services can go a long way towards achieving this. Strong networks, with strong segmentation and controls, remain at the heart of slowing attackers, and businesses must focus on educating end users and combine this with clear policies and processes. Companies must have a clear response plan for when they are attacked.

© 2024 Professional Security Magazine. All rights reserved.