How to protect against cyber-attacks? IT security is all about remaining a step ahead

Philippe Dann, Head of Risk & Business Advisory, EBRC
By Letzebuerger Gemengen 30/12/2019
Banking, Insurance & Fintech
Health & Life Sciences
Public Sector & European Institutions
Defense & Space
Technology & Software Providers
Energy, Logistics & Industry

Increasingly probable computer attacks, more organised hackers, and a more discreet hacking process: this is what companies are facing today in cyber-security. Because they are too often unaware of the danger that surrounds them, EBRC offers another protection method. To use military terminology, it is not enough to build higher walls for a protective enclosure; we now have to think about the risks and vulnerabilities that are still open to the enemy. An interview with Philippe Dann, Head of Risk & Business Advisory at EBRC.

How to improve companies' it security against cyber-attacks?

Change our habits! Our habits are so deeply ingrained that we do not sufficiently question our processes. However, constantly questioning yourself is one of the pillars of modern security. The threat is real and too many companies still believe being safe, protected by a tool or a series of measures taken a few months ago... only to become victims of the hackers’ creativity. Companies manage their IT system based on common-sense regulations, but the action they have taken is often insufficient because the methods of attack have been shifting in recent months.

If this can happen even to the national security agency of the US, it logically follows that anyone could be a victim!

How have these cyber-attacks evolved?

There is a much larger spectrum of cyber-attacks now due to the variety of IT equipment in use, which multiplies the possible range of motivations and technologies of the attackers, and makes attacks more vicious... and their prevention more complex.

More and more data subject to cyber-attacks

The threats are multiplying and more dangerous than before because of the increasing digitization of information and business data. Digital data insufficiently protected has become an easy prey for the formidable and inventive predators that are now deploying strategic cyber-attacks whose impact is growing. Our ubiquitous technological environment exposes us to a variety of attack vectors.

An organized network of cyber-attackers

There has been a paradigm shift in the definition of a cyber-attacker. A few years ago, hackers were isolated. Nowadays we are dealing with structured organizations with significant means to exchange tools for their attacks. The "Dark Web" provides a varied arsenal able to precisely tailor an attack to its target. Exchanging such tools has not only become common but is certain to occur because small groups have developed trusted third-party sites to organize this exchange process efficiently. This community is thus far more organized than we imagined. The economy that was created by this process is lucrative. The cyber-attackers have become even more motivated, making it even more difficult to counter their attacks.

Hard-to-notice cyber-attacks

The attacks have evolved themselves, too. Previously, any attack was immediately detected, because it paralyzed systems as hackers sought notoriety. Today, the most effective attack is one that is unseen. It's an attack that quietly sneaks into the network and remains watchful to gather information that can be monetized little by little, or it can use a "sleeper" agent that can launch a brutal attack at exactly the right moment to enable ransom demands or economically cripple a company.

What kind of company is vulnerable to cyber-attacks?

The powerful NSA, whose cyber-security teams are among the most renowned in the world, has noticed in the past that some of its tools had been stolen. If this can happen even to the national security agency of the US, it logically follows that anyone could be a victim! Any company may face a cyber-attack. The potential for harm is obvious for a bank or an industry, but even small local companies should not close their eyes to this threat. Confidential data, patents, company reputation, investor confidence, resilience: the impact of an attack concerns more than just its IT and it can affect the health or even the viability of a company.

How to be protected against cyber-attacks?

Given all these elements, make sure to constantly monitor your computer system and develop a level of cyber-protection specific to your company with the help of a team of specialists.

Collaborate with a team specialized in cyber-attacks challenges

Our Advisory  team helps our clients by offering solutions challenging cyber-crime. Our security  team has selected a series of powerful and unique tools that have been developed by leading companies in order to analyze the functioning of IT systems and identify potential vulnerabilities or attacks that are in progress.

Cybercrime monitoring and crisis management

In addition to that, we conduct a continuous monitoring of your IT systems (log analysis) to understand what is happening in your IT environment and detect intrusions as early as possible. EBRC also has dedicated teams for technology watch and cyber crisis management (the CYBERFORCE teams) that allow each client to get access to the best experts for advice and assistance in case of attack. As a POST group company, EBRC has a technological advantage thanks to the contribution of POST in EBRC's mastery of the network and to the resources it commands to secure and defend it. This control of the entire value chain is an additional guarantee that enables clients to integrate risks, monitoring and interventions at each level for a full data-centric protection.

Adapt the level of cyber-protection to your company's needs

A technological defense bastion is not enough to protect against cyber-attacks. Our method relies on a pragmatic classification of our clients’ IT assets and works by adapting the degree of protection to how critical they are. In addition, we draw a map classifying these risks and define the measures to be taken according to their urgency and importance. The entire client security project is linked to this risk dashboard and is thus intelligently adapted to the most critical IT assets of the company. This rational approach is attractive to businesses because it optimizes the allocated resources based on the importance of the data to be protected. Because security has a cost, each of our projects incorporates this efficient approach, and it is this performance that our clients are looking for and appreciate. This approach helps us identify clear priorities and justify them based on the business model of the company. But this risk mapping process done at a T time is subject to continuous re-evaluation and should not remain static. Attacks evolve, and what is now a low-risk threat can become one of major importance in the near future. Therefore, our reflection has to be supported by a continuous and dynamic follow-up.

How do you address the human factor in cyber-attacks protection?

It becomes a priority that everybody be aware of the risks. Indeed, the human factor is increasingly key to opening loopholes.

The attacker uses social engineering and the apparent innocuousness of emails to retrieve small pieces of information that are independently harmless but, once they're compiled in an intelligent way, allow him to mount an attack. It is important that companies work on their employees’ maturity at this level, and this is far from an easy task.

For the purpose of better teamwork, the exchange of information is becoming broader. For better security, however, the usual tendency is unfortunately to cut yourself off instead. Currently, the community aspect is taking precedence: helping each other - like the emergency services do - will become the standard approach in cyber-security. The economy is so dependent on IT that companies are noticing the increased efficiency of working together. By sharing, we make the path that the attacker has to follow more arduous and we become stronger.