
Top 7 Cybersecurity Threat Response Gaps


On the 28th of March 2021, Australian broadcaster Channel Nine was hit by a rather insidious cyber attack. The channel was rendered inoperable, unable to air its Sunday news bulletin and several key shows. The attack also ended up affecting the channel's Sydney headquarters, interrupting critical operations in the network's publishing division. Cybercrimes have been on the rise during the last couple of years, and the arrival of the COVID-19 pandemic only served to fuel the activity and the proliferation of hackers. That attack on Channel Nine ended up costing the company millions of dollars and created a PR nightmare that they still feel to this day. What's even more daunting about that case study is the fact that the attack could have been prevented had they had a SOC team as a service provider.

 Why is cybercrime on the rise?

2020, due to the pandemic, the lockdown, and the way the world changed, created the perfect environment for cybercriminals to proliferate. It was a perfect storm of opportunities that the digital hooligans took advantage of.

  • E-commerce became a major global trend. Most businesses had to implement e-commerce protocols overnight to survive, molding those platforms on the fly with little to no protection.
  • 70% of workers had to start doing their jobs remotely. Suddenly, staff had unlimited access to a company’s mainframe without the protection of an onsite SOC team. 
  • Millions of individuals in emerging nations were laid off, most pivoting into new side hustles like cybercrime.
  • Technological advances, like 5G networks, hit the world, disrupting security measures and established protocols.
  • The emotional state of the world, the rage, unease, and frustrations, led to a rise in antisocial behavior.

2020 became a before and after in the world’s war against cybercrime. It was a turning point, one that benefited the hackers and had SOC teams around the world on the defensive, scrambling to stay current with the crimewave.

 Security gaps

Cybercriminals mostly work on identifying your company's weaknesses and exploiting them. They hardly, if ever, attack a company in an innovative way that couldn't be shored up. When after-action reports are filed by SOC security services, 9 times out of 10, the breach could have been prevented. These are called "gaps": Achilles' heels your company has that a cybercriminal can spot a mile away.

Most SOC-as-a-service provider teams audit your company for these gaps and try to give you curated responses to them.

 Top-7 Cybersecurity threat response gaps.

 Unpreparedness for cyber incidents

Most companies, particularly small businesses, are simply oblivious to how cyberattacks can damage their brand and their revenue. Most small businesses have an erroneous concept of what cyberattacks are. They are under the false impression that hackers only target HUGE multinational conglomerates. Why would a digital mastermind attack my small downtown boutique? If you’re operating with personal data and financial information then you’re a target. 

 Lack of Monitoring and vulnerability reporting

Businesses simply don't have analysis capabilities, nor do they have the foresight to plan for them. SOC teams not only audit your company but also update security measures based on reports and constant monitoring.

 No mobile/Home/Travel security 

Your worker goes home, or they're traveling, or they are on their smartphone. How sure are you that they are implementing security measures on these devices? Have you even told them? Do they know how vulnerable they are to unprotected WiFi? Or are they simply abroad, on vacation with their families, desperate to check their emails, and hopping on the first free network that pops up on their cell phone? How much data does your employee take with them outside the office? How much access do they have to your company from their home?

 Inconsistency in cybersecurity enforcement

Unless you’re dealing with an expert team, most security measures against cybercrime are either inconsistent or outdated. Enforcement is based on bad intel and even worse strategies. 

 Inflexibility in adaptation after a breach

Most teams that aren’t professional SOC service providers have little to no wiggle room. They work off a template and guidebook. When breaches occur – which they always do – they don’t adapt properly to them, let alone update their schemes and practices to the newest attacks. 

 Failures in the application of key cybercrime prevention techniques

A SOC team, most of the time, works on offensive plays: techniques that prevent cybercrime, techniques that attack hackers and criminals before they even make their grand play. Most amateur teams work from a defensive posture, reacting to a breach.

 Slow threat detection and response

Every minute counts. When you detect a breach, every second that passes has a dollar amount. Every minute can be weighed in gold. Slow threat detection and response mean your company is hemorrhaging money with every passing second your team is scrambling and trying to figure out what to do. A professional SOC-as-a-service team has plays ready for the moment breaches occur; they are never caught with their pants down.

 How does a SOC as a Service provider minimize gaps?

Professional teams that provide security as a service work on the premise that your company, no matter how attuned, how tech-heavy, or modern, is a mess. That's how they come in: with the idea that your security needs an overhaul and that half your team is at home, checking their cloud services while passing bank data to that fine Nigerian Prince willing to give us 10% of their vast fortune just for a helping hand. They are on their phones clicking on every ad and downloading pirated music and movies on the same laptop they use for work. A security service provider audits your company under that optic; they expect the worst. It's in this supervision and investigation that all those gaps criminals will exploit pop out. They minimize gaps by taking a long, detailed look at your business, by understanding your needs, by shoring up your infrastructure, by thinking ahead, and by keeping their nose to the ground on what new threats are just around the corner.
