Industry case study from Nasstar: Prevention and detection
This article was originally featured as an industry interview in the March 2018 issue of LPM. To read the issue in full, download LPM.
Cybercriminals are finding ever more sophisticated ways of stealing money and sensitive information from increasingly digital businesses. Their tenacity is unlikely to slow down because as their methods improve so does their capture rate – and, unlike other illicit activities, the chance of eventual capture and punishment is relatively low.
Fortunately, while criminals’ capabilities have developed, so have business’s means of stopping them. Nigel Redwood, CEO at Nasstar, says prevention and detection technologies are developing quickly and can help firms stop digital burglars in their tracks.
“We’re seeing a much greater use of artificial intelligence and machine learning in cybersecurity to monitor behaviours at the moment. Those systems let you know if there’s someone doing things they shouldn’t be doing within your firm.”
He adds that with the GDPR just around the corner, firms need to do everything they can to prevent a breach – which means being as wary of internal mistakes as of external threats. As such, a combination of training and implementing AI technologies is the ultimate way of keeping systems secure.
Are you learning?
Redwood says that the main security concern for firms is often data breach.
“They want to know how they can be more secure – not just technically, but procedurally and tactfully as well.” He adds that this isn’t surprising, since an attack that leaks confidential information leads to reputational damage which can be difficult to come back from – especially as a commercial firm.
Redwood says technology coupled with better process and education is necessary to ensure that firms don’t have to go through the consequences of cybercrime.
“As a managed IT provider, we spend a lot of money making sure that our perimeter is secured and our technical skills continually evolve to ensure we can. We use AI tools to look for anomalies in behaviour in the user base as well as internally, which will allow us to stop internal threats from creating a security breach.”
He says there are many data leak prevention technologies, for example, that stop confidential information from being emailed or saved to a local disk.
Document rights management technology can also enable firms to email a document outside of their domain but still keep control of it. “Firms can put limitations on who reads the document and whether it can be forwarded, downloaded or printed. And after, say, two weeks, the recipient will no longer be able to open the document,” he explains.
But that’s not all. Email encryption technologies and digitally signed emails can really help in terms of preventing fraud, Redwood adds. And there are other technologies, using machine learning, that can stop fee earners or secretaries from emailing the wrong people.
“Through machine learning, the system can determine who you normally send certain types of information to, and it will send a prompt if you’ve made a mistake, such as if you’ve typed the wrong Phil Smith into the recipient box. Little things like that make all the difference when it comes to sensitive client data.
“We can secure everything within our data centre, but we also work with firms to make sure that all of their local environments are secure – everything from their wireless networks through to the machines on the desk, through to their handheld devices, making sure that we can remotely monitor and manage all of those devices.”
Nasstar can take firms through certifications such as Cyber Essentials Plus and ISO 27001 – these will help firms build better process and understanding of data security and awareness in their user base.
Law firms are easy targets for cybercrime for two reasons, says Redwood. “First, and most obviously, the information firms hold on behalf of their client is often private and confidential, and that can be very valuable on the open market.”
As a result, he adds, targeting a law firm gives a hacker access to the personal information of multiple commercial organisations as opposed to if they targeted one organisation. “Law firms aren’t just controllers of their own data but their clients’ data as well, and that makes them an appetising target. The second reason is because, historically, in-house IT departments haven’t had the budget or skillset to really keep on top of the changing demands of IT and threats on the horizon.”
That’s why it is essential that firms practice process and awareness training regularly and at every level of the organisation.
GCHQ stated in 2016 that out of 100% of instances of cybercrime only 20% could be prevented through technology – therefore the other 80% is down to better processes and people.
Redwood says: “People are far too trusting in this day and age. A good example of this is that nine times out of 10 fee earners didn’t hesitate to connect their mobile device to Costa’s wireless when sitting in the shop.“
How do you know that it’s really Costa’s wireless? It could easily be a hacker sitting in that coffee shop with a wireless router in their bag transmitting a name called Costa.”
He says it’s being aware of threats like that, and therefore not getting sucked into the consumer way of doing things when staff are working with a firm’s device, that is crucial to protecting a firm.
Something that Nasstar always recommends is using two-factor authentication alongside a username and password. Thanks to advances in gaming technologies, graphics cards are now more powerful than ever – this means that hackers can now brute force attack a password more quickly.
This doesn’t just apply to the outside world, Redwood warns. “Two-factor authentication should be used in the office as well. We’ve proven to customers that we can dress a member of our team up in a yellow bib and walk into any office posing as a tradesperson and sit unchallenged all day.“
It ultimately comes down to the right training. People need to learn to challenge themselves – if they see an unfamiliar person sitting at a desk in the office, they should go and check who they are.”
Redwood says it’s important to have solid data prevention and detection technologies, and increase security by using the cloud and training staff – all of these things will make a hacker’s life that much more difficult.