As we mentioned in a previous article, organizations in the UK are continuing to feel the heat of increased cyber security breaches. In fact, the number of incidents reported to the Information Commissioner’s Office (ICO) has almost doubled in the past year alone, rising from 1,089 in 2015 to 2,048. And those are just the ones being reported. This increase in successful breaches, and the subsequent hefty financial and reputational impact, only strengthens the argument for more automation in the cyber security response process.
The problem is, not only do businesses that fall victim to cyber criminals have to deal with significant losses, both monetary as well as to their integrity, but they’re also hit with costly fines by the ICO. According to an FOI request issued by Huntsman Security, businesses that are most at risk of these hefty fines are financial firms, despite the fact that they are only accountable for 6% of the actual breaches. Those reporting the highest volume of cyber security incidents over the past year were from the healthcare and local government agencies, respectively.
In digging in to identify the root cause of most incidents, as to be expected, there was a relative balance between anomalous activity and human error, both of which can be significantly reduced and/or eliminated through automated cyber security incident response technology. Not only will this strengthen the defense of those who are recovering from security incidents, but will also help those that have either experienced a breach that they failed to report or simply didn’t detect, or those who have been lucky enough not to have been targeted (yet).
Unfortunately, given the sheer volume of incoming data, keeping up with the demand manually is simply impossible. Innocuous threats and false alarms are a huge waste of time, money and other resources. But as many organizations in the UK and beyond have learned the hard way, sometimes no news is bad news. The real issue lies in the genuine threats that are coming in from every direction in a barrage that is beyond what human personnel is capable of handling. As a result, 84% of attacks will be successful in days or less, but less than a quarter of those will actually be detected within that timeframe.
Experts across the board agree that the best way to combat these so-called “invisible” threats is to invest in artificial intelligence. With automated cyber security incident response, every single alert that comes in is instantly and effectively evaluated. False positives are quickly weeded out and legitimate alerts are further analyzed and prioritized – and all of this is done without the need for human intervention. Cyber security incidents that can be resolved automatically will, while those that require further attention are escalated to the appropriate party.
This type of multi-faceted, deep-seated approach to cyber security will not only help to prevent potential breaches from occurring, but it can also significantly reduce the amount of time it takes to recover from a successful one. Like it or not, there is no way to ensure 100% protection (at least not to date). Leveraging smart technology and taking a more proactive approach, however, can dramatically reduce the impact of a security incident so that in the event something does slip through, it is quickly pinpointed and addressed in the most timely and effective manner possible. Automation is the key.
As more and more reports of security breaches hit the headlines, it’s becoming increasingly evident that cyber security is no longer something that can be placed on the back burner. Automation technology can help bridge the gap and allow even smaller organizations with tighter staffing and other budgetary restrictions keep their sensitive data safe from falling into the wrong hands.