Scott Haddow, Account Manager, Proact IT UK
I bumped into an IT contact I’d met a few years ago at an event recently. After we’d finished talking about who’d changed job (in the IT village of Scotland that’s the equivalent of talking about the weather) we talked about security. I knew that his company had been hit by WannaCry and I was curious to find out what changes this had made to IT.
He told me that after WannaCry they’d looked at their security environment and realised that they’d wandered into a perfect storm. They had too many point products that were at best loosely integrated, with too many screens and a reactive approach to security.
“It hit us pretty hard, partly due to IT and partly down to our processes which were badly defined, or if I’m being generous, I’d say poorly understood. We call it ‘headless chicken Monday’ now – nobody understood their role clearly – right down to whether to call it an incident or a breach. We reacted late and were on the back foot from the start,” my contact revealed.
After the attack was over, the board looked hard at security and agreed to a sizeable capital spend to secure the environment. The jumble of point products was swept away and the shiny new solution went in. I asked how hard it had been to find security specialists to run it. He laughed. “See the hat I’m wearing?” (He wasn’t wearing one.) “It says BAU IT keeping the lights on 24/7 since 2005.” He mimed changing hats. “See this one? Now I’m the CISO.”
I asked what happened if he went on holiday or was sick? He shook his head and said that someone in his team got the same training but had just handed in his notice. He continued, “So for now it’s just me – and the business is in shock at the cost of hiring a cyber security expert. It’s a seller’s market.”
Cyber security in the real world
His final analogy struck me. He said that in the past security was a bit like looking at the controls of a plane. There was too much information on too many screens and you needed to pull it together while keeping the plane in the sky. Now, he said, they had an air traffic control tower with a single screen, but nobody was sitting there watching it day in day out.
“It’s definitely better,” he said. “There’s some automation – but it’s still all on me to drive it, and…” He pulled out his mobile phone which showed a string of text alerts. “…tune out the white noise. Which I don’t have time to do.”
The conversation highlighted for me why it’s dangerous to approach security as if it’s just another IT problem where a solution can be bought, installed and forgotten. My friend’s business – medium sized at around 650 users – had focused on the toolset, and in the process had arguably lost sight of the desired outcome: the 24/7/365 proactive monitoring of the environment. It’s resource intensive and requires specific – and currently very expensive – skills.
The businesses I meet tell me that – while it’s better since the GDPR focused hearts and minds, security is still very often seen as a thief of time – and a necessary insurance policy that consumes valuable capital budgets, without obviously helping the bottom line.
So here’s where Proact can help.
Taking a proactive security approach
We’ve been protecting organisations’ data since 1994 and our security business, like the threats we defend against, evolves every week. Our cyber security experts and defences currently secure over 100PB of data in 25 data centres across Europe.
We operate a 24/7 SOC (security operations centre) service with ISO27001 accreditation. The team runs round-the-clock, with no interruptions for holidays or sickness. They analyse millions of security logs every day looking for indications of compromise that could highlight possible cyber breaches.
We have a compelling suite of offerings that cover every aspect of security, all delivered to you with a guaranteed SLA and paid monthly by OPEX.
Our approach covers more than just the technical elements of the solution. We also focus on people and processes because cyber security isn’t just an IT issue. Anyone who’s been phished knows how important the human element has become. And for anyone who hasn’t been phished yet – we’ll work with you to reduce the risk of it happening in your organisation.
What the business really needs is a closely guarded perimeter and protection down to the end point with a guaranteed SLA. The traditional approach would be to stand that up internally, and while that can work, if the IT team is already working to capacity then you should budget for people as well as products. Security, in the modern threat landscape, can be the final straw for a stretched IT team – or even a case of one hat too many.