This 'out of hours' sweet spot means organisations must have their guard up at all times, or risk suffering the consequences. Large enterprises do this by employing huge teams of people. For mid-sized businesses, a lack of resources to mount a 24/7 defence leaves them at an increased risk of a cyberattack. The knock-on effect of this can cause devastating financial and reputational damage.
Yet turning to automated, legacy security is proving to be inefficient. It does offer ‘cruise control’ protection, but cruise control isn't smart enough to halt modern attacks.
This situation is serious – but it is also manageable. The rise of autonomous cybersecurity offers mid-market businesses access to 24/7 security, designed to cope with an ever-changing threat landscape.
Three in four ransomware attacks targeting the enterprise sector take place at night, with 49% occurring on a weeknight and 27% over the weekend, according to FireEye. This is a serious problem for resource-challenged (or non-existent) mid-market security teams, looking to better protect their organisation from infection.
If an incident takes place late on Friday night and is only noticed at 9am on Monday morning, hackers will have spent the entire weekend extending their attack or even covering their tracks. It allows them to spend longer inside the network and cause more damage longer-term.
The most obvious response to a 24/7 threat is to have a Security Operations Center (SOC) operating day and night. For mid-market businesses, this is unfeasibly expensive. Automated security products offer a partial solution, but often fail to identify and detect unknown threats. The ability to respond to the unknown is a key part of a proactive security posture.
“Most automated network and endpoint security controls utilise signature and rule-based alerting for IOCs, which only detect the “known knowns”. This catches previously described malware hashes,” the Home Office’s Digital, Data and Technology team warned in a paper called ‘Detecting The Unknown’.
The risk posed by zero-day threats is also growing, with Google’s Project Zero recently warning of a significant “uptick” in these unknown vulnerabilities in 2021. “Halfway into 2021, there were 33 zero-day exploits used in attacks that went on to be publicly disclosed — 11 more than the total number from 2020,” it wrote in July.
Without full-time staff or access to 24/7 support, mid-size businesses are vulnerable when new threats and zero-days emerge. The solution is to enable cyber security defences to act autonomously. Automated systems work like an autopilot, stopping expected attacks and responding effectively to threats that have been encountered before. But they can’t cope with the unexpected.
Autonomous cybersecurity, on the other hand, can react independently to identify and stop threats that have never been encountered before. Mobilising autonomous security is like adding a superhuman new member to your team that can work around the clock without stopping.
Autonomous security also augments the abilities of IT teams by saving from the time-consuming process of painstakingly investigating minor alerts or false positives. In an interview with the government tech publication MeriTalk, Dr Matt McFadden, Vice President of Cyber at the defence giant General Dynamics, said that autonomy offers organisations the ability to cope with threats that are “constantly changing, increasing, and growing more sophisticated”.
“We need our cyber defenders to maximise their time to focus on the high priority impacts, rather than on the trivial ones they’re bogged down with,” he continued. “Autonomous cyber defences can help solve those challenges – resulting in enhanced perimeter protection, improved endpoint and continuous monitoring, automated patch management, and enriched cyber situational awareness.”
Mid-market organisations no longer need to do without 24/7 support. Autonomous security systems offer mid-market organisations powerful, cost-effective solutions that never sleep and are intelligent enough to cope with threats that are known and unknown. Autonomy is undoubtedly the future of security.
For more information about this topic please request a callback or book some time in our calendar
Gartner infographic.
Critical cyber security challenges.
How XDR is changing the game.
The insider threat that caused the security vs usability conundrum.
How a consolidated approach works.
Key insights and recommendations from Gartner.
Find out in this recorded webinar
The what, why and how of SASE
5 steps for defence
What they are and how to get them right
and how to overcome them
"The biggest cyber threat facing the UK"
![[Video] Plan smart: The future is SASE](/media/2slftnzv/shutterstock_707491003.jpg?anchor=center&mode=crop&width=900&height=650&rnd=133050302868900000)
The perimeter is no longer “entombed in a box”
Freedom. Visibility. Protection.
with this all-in-one solution
The state of the UK’s cyber security response
View white paper
Zero Trust and Beyond
How to protect your users with email security
Easing alert fatigue
Protect your data in the cloud
Things to consider
And the heightened insider threat
Threatening your business?
If it's left behind the cybersecurity curve
Protect your data in the cloud
Share this story
Find out more about how to defend data while you sleep
Here’s a single security platform that seems to provide all you need to protect your business from cyber attack and, refreshingly, they don’t put it all down to AI.
Learn MoreLet us know what you think about the article.
Let us know what you think about the article.
We're a community where IT security buyers can engage on their own terms.
We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.
