In March this year, hackers broke into the computer networks of some of America’s most prestigious law firms including Cravath Swaine & Moore LLP and Weil Gotshal & Manges LLP, both of which represent some of the biggest companies in the world.
The Wall Street Journal, who broke the news, reported hackers usually steal large amounts of data and then analyse it to see how it can be used. Personally identifiable information has a much longer shelf life than credit cards for cyber-criminals. This is because information rarely changes and it’s also easy to see how information stolen from a legal firm could be used to disrupt merger and acquisition activities or sold at a premium.
And while most firms will go to lengths to keep any cyber-breach a secret, the real issue is that many companies don’t realise their systems have been compromised until it’s too late.
As such, there is still uncertainty as to whether the information will be used for insider trading – a worrying thought.
Can data regulation help?
While law firms are reluctant to publicly identify themselves, soon they will have to admit to data breaches whether they like it or not. This is due to the EU General Data Protection Regulation that will come into effect in 2018. The new regulations will require any business in the EU to report a breach to their Data Protection Authority within 72 hours of becoming aware of it. This should encourage more companies to consider their security controls with more stringent security practices applied to sensitive company data.
Businesses should also provide advice and guidance on the interpretation and protection required to meet the new harmonised data protection requirements. Larger ICO fines and increased awareness should create a much better understanding what data they hold, its value to the business and the controls required to protect these assets.
But is this enough?
In a word, no. It will never be enough. It’s often said cyber security is an arms race but it’s true the threat landscape is constantly evolving, and therefore, so should defences and mind-set.
Cybercriminals can misuse data obtained through extortion, identity theft or gaining access to networks using social engineering tactics. While many attacks might be due systems not being secured correctly, others are the result of skilled, determined attackers.
We can only expect cyber-criminals to increasingly target industries that hold vast amounts of personal data like legal, education and healthcare sectors.
This means the industry needs to continually keep pace with the threat landscape by innovating and bringing to market capable defences, and organisations need to implement them. Many organisations will find they cannot do this alone and will seek to use Virtual or advanced iSOC’s to augment their existing Security personnel.
So what now?
Businesses should share threat intelligence and information with other companies, especially those in the same sector. This doesn’t mean sharing intimate details of a company’s security ecosystem, but instead sharing insight on how threats have been found and defended against. The UK Government CiSP initiative a great starting point for businesses to share and leverage threat intelligence and has specific special interest groups by sector. Fujitsu are active members of CiSP and the Government CERT UK Fusion cell as we see the importance of sharing within the cyber security community and in turn helping to protect UK PLC.
Organisations also need to take a proactive approach, they must be prepared to hunt for threats in their logs and to spot, react and defend against a breach quickly. Complimenting traditional security with next-gen threat monitoring, user behaviour and SIEM services alongside good security personnel will go a long way to deterring cyber-criminals. This should always be partnered with an effective incident response programme with regular crisis communication exercises ran in preparation for a real life cyber-attack
Finally, businesses should consider security education as part of a company’s training schedule. Each employee has their part to play in keeping assets safe so it is vital that security training and empowerment occurs from the top down.
Find out more about Fujitsu’s ‘Secure Thinking’ solutions and services offering.
(Visited 40 times, 1 visits today)
Paul McEvatt
Senior Cyber Threat Intelligence Manager at Fujitsu UK&I
Latest posts by Paul McEvatt (see all)
- How the public sector is keeping UK citizens safe from cyber-attack - July 23, 2018
- The Year Ahead: Five Key Thoughts on Cyber Security In 2018 - January 5, 2018
- Why misuse of enterprise platforms could be your worst nightmare - October 31, 2017
Related articles in Cyber Security
Why employee mental health is key to your security posture
Mental health isn’t a topic you immediately associate with cyber security. However, maintaining employee wellbeing is an important defence in protecting your organisation.
Human... Read more
Should we be scared by big data, and its ability to manipulate our behaviour?
We live in an era when the volume of data available on each of us is unprecedented. This... Read more
Securing Supply Chains – what can be learnt from SolarWinds?
Securing the supply chain is an objective that is moving higher and higher up the list of CISO... Read more
Can Adversarial AI threaten our National Security?
As Artificial Intelligence (AI) becomes further embedded into our day-to-day lives, maintaining the integrity of these systems and the data they use is... Read more
How the cybersecurity landscape changed post-Covid-19
The Covid-19 pandemic has been a mammoth test of our economy’s resilience.
In the space of just a few weeks, business leaders who would’ve... Read more
Should the recent attack on Twitter impact decisions on whether to deploy services to the cloud?
On 15th July, Twitter fell victim to a highly visible, sophisticated... Read more
