Travo Cyber Summit: Constant surveillance is vital for rapid response to attacks

Travo Cyber Summit: Constant surveillance is vital for rapid response to attacks

Ross Goodburn, channel development manager from eSentire, a partner of Cyber Summit sponsor Babble, said the global tech skills crisis means companies must work with partners to have 24/7 protection

The global tech and digital skills shortage is leaving businesses vulnerable to cyber attacks from criminals looking to exploit weaknesses in firm’s defences.

Last week Travolution Cyber Summit heard from Ross Goodburn, channel development manager from eSentire, a partner of summit sponsor Babble.

He told delegates that trave firms are under constant attack from Advanced Persistent Threat nefarious actors who infiltrate and lie in wait biding the time before “detonating” their attack.

Combatting this threat requires constant surveillance, staff training and 24/7 monitoring, something most firms do not have the in-house resources to maintain.

“You hold huge amounts of really juicy data that they want to get their hands on. And as a sector you have embraced digitalisation and technology.

“All of the things you do to make your companies run smarter makes you are great target for the bad guys. And you are likely to pay ransoms because you can’t afford to be down for any time.”

Goodburn said he understands why firms pay ransoms, but he said hackers only detonate ransomware when they have already done what they planned to do.

“It’s finding them in that dwell time that’s important,” he said. “We are experts at finding them before they detonate any ransomware.”

Goodburn said all industries are struggling to keep up with the criminals and he cited SITA figures that suggest 30% of airports are not prepared for a cyber attack.

And he said a skills shortage of cyber experts is exacerbating firm’s ability to prepare for an attack and to protect themselves.

“These guys are sophisticated and highly skilled. They know what they are doing and are well funded.

“There is a skills shortage in cyber experts. It’s hard to hire the right people and to keep these people.

“There are nearly half a million unfulfilled jobs in the US alone. Globally there are 3.5 million unfulfilled. How do you hire these people?”

And Goodburn said stress levels for staff in the cyber world are high because they are expected to be on hand to protect their businesses 24/7 or risk losing their jobs.

Many cyber gangs that are active are state sponsored and deploy social engineering techniques in 95% of attacks, passing themselves off as genuine to infiltrate a firm via a staff member.

Goodburn said layers of protection are vital to ensure that firms stay ahead of disruption which n average costs £216,000 a day in system down time following an attack.

“There are simple controls you can put in place to stop that happening,” he said. “You must train your staff to resist this kind of social engineering.

“It requires 24/7 monitoring. You can’t do this yourself, you should be outsourcing that part of it to get someone to augment your team.

“Minutes and seconds really matter when you are fighting an adversary. If you detect it in seconds you can stop it in minutes. The bad guys will try to hide where they’ve been and what they’ve done.

“When you’re breached and are finding out what’s happened you’ll find a lot has been deleted. That can be an issue when the ICO [Information Commissioner’s Office] asks you what has happened.

“It annoys me when people say I was the victim of a sophisticated attack. No, you probably weren‘t, you just did not have the right protections in place.”