Stop relying on cyber security software alone

Risk managers could be more at risk from cyberattack than they realise if they are relying too heavily on cybersecurity software, according to experts in the field.

Speaking at the PARIMA Cyber workshop, supported by Anquan and Horangi, hosted at the AirAsia offices in Malaysia, Anquan chief technology officer, Rajeev Gopalakrishna, said: “When you deploy a piece of software, you have no real control over what that is or how it works. You were not part of the development process so you shouldn’t rely on this alone.”

Gopalakrishna stressed that one of the main issues with cybersecurity is that many firms do not understand what is really at risk. “What are your assets? If you don’t know exactly what they are, how can you protect them? This is the billion dollar question.”

Reputational risk in the event of a breach is another intangible asset that many firms do not take into account when looking at cyber risk and how to protect their business, noted to PARIMA chairman, Franck Baron who was in attendance.

Malware threats continue to increase year-on-year. Gopalakrishna said McAfee Labs figures show the total number of malware threats hit 750,000,000 in Q3 2017. He also said the number of breaches with more than 10 million identities exposed has risen from 11 in 2014 to 15 in 2016. In 2016 alone, 1.1 billion identities were exposed and in the last 8 years, more than 7.1 billion identities have been exposed by data breaches, according to Gopalakrishna.

“They just need to know the weakest link to your business. One weak password gets the hacker access to your system,” he said. Gopalakrishna added lots of firms use the same software so hackers only need to learn how to hack one piece of software in order to hit a number of businesses.

The email phishing risk continues to be related almost entirely to the human factor. Even with all the protections and education in place, businesses can’t guarantee employees won’t click on it, Gopalakrishna said.