The incidence and cost of cybercrime is skyrocketing, and businesses are having trouble keeping up
According to research from Accenture, the cost of cybercrime increased by 27 percent between 2016 and 2017, and the average cost of cybersecurity, on an annualized basis, stands at $11.7 million. As the world becomes more connected, and more data is stored, these costs are only expected to rise, according to the report. Furthermore, the public now pays attention to data compromises more than ever before, and the reputation hit companies take when their systems are compromised has risen significantly. Large players in the industry are taking note, and companies including Microsoft and HPE are taking steps to help mitigate damage. Kyle Todd, HPE’s Microsoft Category Leader, recently explained some improvements being made.
Cybercrime 101: Just the Facts
Other facts outlined in Accenture report noted that ransomware attacks, perhaps the most lucrative form of cybercrime, doubled between 2016 and 2017. Furthermore, companies spend approximately 3.8 percent of their IT budgets on security, a figure that dropped from 4 percent in 2014. Perhaps most concerning, 56 percent of executives state that their response to security is reactive instead of proactive. Todd outlines how this approach leaves companies vulnerable, as it typically takes only 24 to 48 hours for cybercriminals to compromise systems, and they can go undetected for an average of 100 days or even longer. These undetected intrusions allow cybercriminals to collect more and more data, and they can lead to compromises of other systems. Furthermore, undetected intrusions let attackers plan their next attacks, so ransomware attacks, for example, might be even more expensive to resolve.
Businesses today are facing a greater #cybersecurity threat than ever before. But there are steps you can take to protect yourself. @dKyleTodd explains how to stay secure within budget. #HPEMSFT pic.twitter.com/YofOAwZiDD
— TechNative (@TechNative) May 22, 2018
Credential Guard
Some of the most powerful tools for protecting data come included in Windows Server 2016. Credential Guard, in particular, should be a central technology for those relying on Windows Server. Modern secure computing relies on digital hashes as an improvement over passwords, and eliminating the need for passwords significantly reduces potential attack vectors. However, cybercriminals can actually use the hashes in place of system passwords, giving them virtual keys to data. Because hashes are so well trusted, compromises often go undetected for extended periods of time. Once they’re able to access domain admin privileges through compromised hashes, the entire system is completely compromised. Credential Guard includes a number of integrated safeguards to prevent these attacks, which can be some of the most difficult to detect and recover from. By cutting off these attacks through Credential Guard, companies can fend off attackers focusing on the most popular intrusion techniques.
In the second part of our #CyberCrime 101 series, @dKyleTodd talks about the protection you can get directly from #WindowsServer 2016. #HPEMSFT #PassTheHash #InfoSec pic.twitter.com/Y8DQwhHful
— TechNative (@TechNative) May 22, 2018
Just Enough Administration and Just-in-Time Administration
Historically, admin accounts often have full range over systems, with only small limitations put in place. Just Enough Administration offers a more sophisticated approach, so even if an admin account is compromised, would-be hackers will find themselves with very few privileges, significantly limiting their ability to inflict damage or steal data. Just-in-Time administration fixes the problem of admin creep. When users are given admin privileges to perform certain tasks, these privileges are rarely taken away. The Just-in-Time approach ensures accounts that don’t need ongoing admin privileges don’t serve as attack vectors. By being able to remove access to admin functions, Just-in-Time administration provides a more fine-grained approach to information access.
Often people given admin capabilities for minor tasks either never have them revoked or are given way more access than they should be. This widens the scope of attack for cyber criminals – but #WindowsServer offers a solution. @dKyleTodd explains. #HPEMSFT #InfoSec pic.twitter.com/RRwOvgH8t7
— TechNative (@TechNative) May 23, 2018
Device Guard and Enhanced Auditing Capabilities
We use more and more devices and device classes than ever before, which creates an array of potential attacks. Device Guard is used to create policies that restrict the ability of a hacker to install malware that could make an entire datacenter vulnerable to attack. Enhanced Auditing Capabilities serve as a powerful complement. Malicious actors can often fly under the radar while compromising a system, as potential signs of intrusion would be ignored as noise. Enhanced Auditing Capabilities can seek out these signs, giving companies the ability to react promptly and prevent damage.
If a malicious actor gets access to your #datacenter and tries to run #malware, your business could be in serious trouble. But there is a way to protect yourself and your data. @dKyleTodd explains. #HPEMSFT pic.twitter.com/CBdHntKHxH
— TechNative (@TechNative) May 23, 2018
HPE Gen10 Server Security: Silicon Root of Trust
Network security is at the forefront of keeping systems safe. However, hackers are moving toward targeting system BIOS and firmware, creating ways to infiltrate systems that won’t be caught by firewalls and other technology. Instead of viewing bits of firmware as independent units, HPE has created a cohesive web of firmware that works in an integrated manner. The Silicon Root of Trust analyzes the fingerprint created by a system’s firmware, and this fingerprint is regularly measured so the attacked area can be isolated and administrators can be alerted instantly if the critical firmware has been compromised. As the line between hardware and software becomes less clear, focusing on hardware security is becoming even more important. The Silicon Root of Trust serves as a powerful top-down means of monitoring for intrusions and mitigating potential harm.
#Cyberattacks on systems BIOS and Firmware are increasing. But there is a way you can protect your organisation against these kinds of attacks. Here, @dKyleTodd talks about the protection you get with the HPE #Gen10 Silicon Root of Trust. #HPEMSFT #InfoSec pic.twitter.com/lW7pyBgER3
— TechNative (@TechNative) May 25, 2018
HPE Gen10 Server security: HPE Secure Compute Lifecycle
The National Institute of Standards and Technology stands at the forefront of developing systems safe from cybersecurity attacks, but the complexity of the technology they develop, and potential associated costs, means adoption has been fairly slow. Their advances include both standards for software and hardware, and systems that meet these standards can be assured of having state-of-the-art capabilities. HPE is the only system vendor that has invested in the high levels of security provided by NIST, at costs that are competitive with systems that don’t comply with these standards. . Focusing on the well-funded results of NIST research makes HPE a clear choice for companies looking for the utmost in security. NIST also follows guidelines for ensuring data on used storage devices is scrubbed in such a way that it can’t be recovered, even with the most sophisticated tools available.
When your #datacenter systems reach their natural end of life, how can you be sure the data on them is unrecoverable by a malicious actor? @dKyleTodd explains why following #NIST protocols gives you that peace of mind. #HPEMSFT #Cybersecurity #InfoSec pic.twitter.com/Fdbd5K5cg8
— TechNative (@TechNative) May 25, 2018
For those outside of IT operations, the solution to cybercrime seems simple: Just spend more money. Those who work in datacenters and make decisions, however, realize that budgets can’t keep rising forever, and what’s needed is a smart approach that takes advantage of modern security practices. HPE is focused on delivering the highest levels of security for their customers, but they’re also mindful of the typical budgets companies can afford. Security is a critical investment, and using contemporary approaches to both hardware and software security can prevent the cost and embarrassment of having a system compromised.