Playing the cyber security percentages game.
There's a common phrase when talking to some businesses about cyber security that goes something on the lines of 'I'm too small to be noticed/It's not going to happen to me'.
In a recent article on CSO they offered some interesting insights into the facts and figures for the UK as follows:
Data breach scope in the UK
Up to 88% of UK companies have suffered breaches in the last 12 months, Carbon Black reports. That is lower than Germany (92%), France (94%), and Italy (90%)
One small business in the UK is successfully hacked every 19 seconds, according to Hiscox. Around 65,000 attempts to hack small- to medium-sized businesses (SMBs) occur in the UK every day, around 4,500 of which are successful. That equates to around 1.6 million of the 5.7 million SMBs in the UK per year. Cisco estimates 53% of SMBs suffered a security breach globally in 2018.
Thirty-seven percent of UK companies have reported a data breach incident to the Information Commissioner’s Office (ICO) in the past 12 months. Seventeen percent had reported more than one incident.
It is extremely difficult to block 100% if cyber threats no matter how much money you spend on the latest cyber protection tools. If you can't block it then you need to be able to detect it, and that means analysing what is happening on your network 24x7x365. Ideally you want to be able to move from a reactive posture to one of threat hunting.
From a technology perspective your average SIEM is great for log analysis and alerting once a breach has occurred. What would be better is having a platform that is able to look at the big picture and is able to spot the tell-tale signs that a hacker is starting to probe the network for weaknesses.
XDR platforms such as Overwatch have been designed from the ground up to allow our SOC analysts to threat hunt and give meaningful insights into what is actually happening on Customers networks.