A big talking point in security this week has been the National Audit Office (NAO) analysis of the WannaCry ransomware attack that hit the NHS in May. The NAO’s report indicate a general failure to act on critical alerts, as well as not enough attention being paid to basic security routines, such as patching software and keeping firewalls up to date.
Our recently released cyber-security study of British mid-sized companies told a similar story. It isn’t that organisations don’t have security technologies, it’s that they don’t have the resource required to operate it that’s causing organisations to not be secure.
Of the 100 IT decision makers we surveyed, over 70% had implemented a Security and Information Event Management (SIEM) solution to aggregate security data. However, only 4% had staff dedicated to monitoring, analysing and reporting that information, and only 6% had staff dedicated to acting on those security reports.
Analysing live data feeds to identify cyber-attacks is something general IT staff are unlikely to have appropriate skills for. Cyber-criminals also don’t respect 09:00 – 17:30 working patterns and non-specialists can struggle to be consistently effective, particularly at a 24/7 basis.
The NHS security breach is just one of many we hear about with alarming regularity. In our study, 75% of businesses told us they had recently fallen victim to a cyber-attack, with 40% occurring in the last year.
In our view, managing the threats organisations face can only be handled by a dedicated team. A business can either recruit and support that function in house or outsource it, engaging a service provider that specialises in security. Whatever option is taken, the result can only be significantly more credible protection.
At IDE Group, our cyber security unit, PACT, provides customers with a centralised intelligence service that identifies threats on a company’s behalf around the clock. By combining this insight with well-maintained security technologies, an organisation can maximise its opportunity to deal with whatever threat comes its way, ensuring peace of mind for the future.
To find out more about IDE Group PACT or to speak to a team member, please call 0344 874 2020 or visit idegroup/services/cyber-security.