In this ‘In Conversation with’ we had a chat with Andy Webb, Head of Product Management at UK Cloud and discussed what cybersecurity challenges businesses are facing and how they can tackle the threats.
Andy: The most common threats vary. For the top end, large scale businesses and organisations they may face state-sponsored attacks but further down the tree by far the most common threats come in the form of common exploits such as phishing attacks or insider attacks. External threats are also becoming more commonplace as they become easier to execute increasing the frequency that we see the likes of DDoS attacks aimed at disrupting web traffic and of course malware.
The best defence against such threats is to ensure that you have a culture that considers cybersecurity in everything they do by training staff and raising awareness throughout the organisation.
Andy: I think a lack of awareness and understanding are the biggest hurdles. No one sets out to have bad cybersecurity but the question of whether cybersecurity is high enough on the agenda needs to be asked.
All businesses have plans in place for risks such as fire and flooding so why not cyber? It needs to be considered an operational risk and be part of the day to day risk planning.
Andy: Developing basic cyber hygiene and get the basics right. Effective patch management, staff training, and phishing tests are all easy things to do to start ingraining cybersecurity into a company’s culture. Beyond that, remember that a Penetration test is not just for Christmas, they need to be done ideally every month due to the constantly changing threats.
Make sure that cyber events are covered in company policy and processes create business continuity plans and incident response plans that explicitly consider a cybersecurity event, setting boundaries for acceptable and unacceptable losses, introducing all these things will lead to an improvement of a company’s cybersecurity.
Andy: It’s tough to predict as the challenges are constantly evolving and changing. A.I and Machine Learning is massive in that it can be used for both good or ill. Cloud-based security will grow in importance as it can scale. Attacks will become more sophisticated; however, attacks will still need to find a weakness in order to succeed.
A.I is likely to remain a high-end threat in the near future but IoT devices are here already and with the number of such devices set to increase sharply, and this growing attack surface will provide more opportunities for negative actors to exploit this larger attack surface. These technological shifts provide attackers with new opportunities and if people do nothing it’s likely to get worse before it gets better.
XQ: Many thanks Andy
UKCloud is dedicated to the digital transformation of the nation’s public services through its flexible, secure and cost-effective multi-cloud platform. For more information visit - https://ukcloud.com/
If you would like to take part in a future ‘In Conversation with’ feature please contact – [email protected]