Hackers don’t care for 'office hours'. Day and night, cybercriminals are ‘casing for data’. In fact, ‘out of hours’ is often the favoured time.
This 'out of hours' sweet spot means organisations must have their guard up at all times, or risk suffering the consequences. Large enterprises do this by employing huge teams of people. For mid-sized businesses, a lack of resources to mount a 24/7 defence leaves them at an increased risk of a cyberattack. The knock-on effect of this can cause devastating financial and reputational damage.
Yet turning to automated, legacy security is proving to be inefficient. It does offer ‘cruise control’ protection, but cruise control isn't smart enough to halt modern attacks.
49% of attacks take place on a weeknight and 29% over the weekend
This situation is serious – but it is also manageable. The rise of autonomous cybersecurity offers mid-market businesses access to 24/7 security, designed to cope with an ever-changing threat landscape.
Late Night Callers
Three in four ransomware attacks targeting the enterprise sector take place at night, with 49% occurring on a weeknight and 27% over the weekend, according to FireEye. This is a serious problem for resource-challenged (or non-existent) mid-market security teams, looking to better protect their organisation from infection.
If an incident takes place late on Friday night and is only noticed at 9am on Monday morning, hackers will have spent the entire weekend extending their attack or even covering their tracks. It allows them to spend longer inside the network and cause more damage longer-term.
The most obvious response to a 24/7 threat is to have a Security Operations Center (SOC) operating day and night. For mid-market businesses, this is unfeasibly expensive. Automated security products offer a partial solution, but often fail to identify and detect unknown threats. The ability to respond to the unknown is a key part of a proactive security posture.
“Most automated network and endpoint security controls utilise signature and rule-based alerting for IOCs, which only detect the “known knowns”. This catches previously described malware hashes,” the Home Office’s Digital, Data and Technology team warned in a paper called ‘Detecting The Unknown’.
Zeroing in on Threats
The risk posed by zero-day threats is also growing, with Google’s Project Zero recently warning of a significant “uptick” in these unknown vulnerabilities in 2021. “Halfway into 2021, there were 33 zero-day exploits used in attacks that went on to be publicly disclosed — 11 more than the total number from 2020,” it wrote in July.
Without full-time staff or access to 24/7 support, mid-size businesses are vulnerable when new threats and zero-days emerge. The solution is to enable cyber security defences to act autonomously. Automated systems work like an autopilot, stopping expected attacks and responding effectively to threats that have been encountered before. But they can’t cope with the unexpected.
Autonomous cybersecurity, on the other hand, can react independently to identify and stop threats that have never been encountered before. Mobilising autonomous security is like adding a superhuman new member to your team that can work around the clock without stopping.
Autonomously Augment
Autonomous security also augments the abilities of IT teams by saving from the time-consuming process of painstakingly investigating minor alerts or false positives. In an interview with the government tech publication MeriTalk, Dr Matt McFadden, Vice President of Cyber at the defence giant General Dynamics, said that autonomy offers organisations the ability to cope with threats that are “constantly changing, increasing, and growing more sophisticated”.
“We need our cyber defenders to maximise their time to focus on the high priority impacts, rather than on the trivial ones they’re bogged down with,” he continued. “Autonomous cyber defences can help solve those challenges – resulting in enhanced perimeter protection, improved endpoint and continuous monitoring, automated patch management, and enriched cyber situational awareness.”
Mid-market organisations no longer need to do without 24/7 support. Autonomous security systems offer mid-market organisations powerful, cost-effective solutions that never sleep and are intelligent enough to cope with threats that are known and unknown. Autonomy is undoubtedly the future of security.
For more information about this topic please request a callback or book some time in our calendar
More in Cloud Security
Thousands of policies to consider, while only a few are enforced.
How the cloud has become an extension of your attack surface, and how to secure it.
Expert insights from Barracuda’s security frontline.
Why incremental cyber security fixes don’t work.
Efficiently empower defenders and disarm intruders.
How to create a truly agile and secure M365 environment.
Simplify management of your users' devices.
IDC research paper into the business case.
Best-in-class devices. Zero touch provisioning.
Three ways Microsoft Surface is an ideal platform for retail digital transformation.
How Surface helps retailers navigate it.
What makes digital solutions the perfect option.
Share this story