A recent (Aug 2018) survey by the well respected Kaspersky Lab found, in the State of Industrial Cybersecurity 2018 report, that 77% of IT professionals such as yourself believe that their organisation will be hacked in the next year. Worse than this, 48% of them are not ready for the expected hacker with a cybersecurity response plan!
Given the sheer volume of very high profile cybersecurity attacks on UK organisations topped by the wanton spread of the WannaCry virus, these are very strange and worrying statistics. The report found that the reason for this lack of readiness is two fold: the cost of 100% cybersecurity coverage and the lack of available skilled personnel.
Over 58% of the CIOs in the survey reported that finding and then hiring suitably qualified cybersecurity consultants and technicians to carry out the work and then monitor company networks was particularly difficult. CIOs also reported that then paying the high salaries and then keeping these key IT staff was particularly challenging. So why is this? Well if you are seeking a Cisco qualified cybersecurity consultant they will have paid thousands of pounds and spent many years obtaining these certificates and will expect to be sponsored by your company as they update and improve on these qualifications. The sheer cost of qualification means that those companies who have suitably qualified cybersecurity consultants and technicians look after them very well, knowing that other companies would love to lure them away. So if you do manage to employ a well qualified and experienced cybersecurity technician you are going to have to pay big to both keep them and ensure that they up to date in their qualifications. The cost and time taken in qualifying also means that there are not enough cybersecurity technicians to undertake all the work that is available.
Unfortunately the State of Industrial Cybersecurity 2018 report establishes that a company wide internal security controls, security protocols, and staff re-education programs to ensure that the company remains safe, requires qualified and experienced cybersecurity consultants and technicians. It is certainly a complex task, which in a large company can be very daunting. Thankfully this is a service that Gaia Technologies plc.
Lets look at the cost of cybersecurity measures. Obviously cybersecurity staffing plays a large part in the budget as does the use of the required cybersecurity software. Your company will be hit in those painful and restricted areas such as time, budget, staffing and resources.
Firstly you will need to undertake software, network and hardware audits in order establish any technical weaknesses and security holes. Then there will be the cost of other technical staff to install and reconfigure your existing software, such as patching and updating. Some workstations, terminals and peripherals may need to be scrapped. Similarly new cybersecurity software will need to be configured and installed and staff trained on their use.
Looking at your organisation’s procedures you will need to update these, especially your organisation’s bring your own device (BYOD) procedures to ensure that your system remains safe. Fighting off phishers, ransomware and hackers is also vital so an acceptable use policy for websites and training on email use is also vital. All this takes time, resources and budgets.
You can now probably clearly see the reason why many organisation’s shy from 100% coverage, especially when you factor in that cybersecurity is a rapidly moving threat that continually comes up with new risk factors, new attack weapons and new ways to use any data that the hacker may steal.
However the results of not being 100%, or even close to that, secure from cyber hackers, phishing, viruses and ransomware attacks can be far higher. Factor in the social, political and marketing problems that a data hack can bring you. Add the lose to your organisation’s brand image when your good name is featured in the headlines of the national press, becomes part of a social media stream and a by word for poor security such as Butlins, the NHS and Dixons. Lastly picture the amount of work your group will need to do to reconstruct your data, deal with unhappy customers and secure your system once more.
So what is the solution? Think about a MSSP – managed security service provision from an established company such as Gaia Technologies plc. This MSSP will provide your organisation with an agreed service of cybersecurity monitoring and management. Some of the services provided would be: virus and spam blocking, intrusion detection, system monitoring, removal of system weaknesses and staff training. At the start of the service any good cyber security company such as Gaia Technologies plc. will also provide a full network audit and review resulting in suggestions as to how your cybersecurity can be improved. Considering a MSSP wraps all of your cybersecurity needs into one budgetable service and keeps most of your cybersecurity worries under control. Be one of the better companies in next year’s survey and call Gaia Technologies plc. now.
Gaia – Total Security Solutions for Quality, Security and Peace of Mind From One Provider.