Frequently Asked Questions.

We are happy to help you get an answer to your question. Is your question not listed? Ask us here

FAQ

An organization that does not arm its IT landscape against digital threats such as hackers and ransomware is likely to fall victim to hackers. The question is not if, but when it will happen. The better protected and the higher the quality of the monitoring for unwanted intruders, the smaller the damage to the organization. Recent studies show that the chance of a company getting hacked is 1 in 5. Preventing a cyber incident beforehand is more affordable than solving a cyber incident afterwards.
I’m not a target, am I? This is an often used argument, but no longer tenable since the GDPR. Every organization has access to personal data of customers, suppliers and employees. Identities are wanted since hackers can easily conclude contracts with name and address details, pay slips and identity documents of your employees. This usually happens for phone subscriptions and private lease constructions. Virtually all organizations that have fallen victim to digital crime in recent years were not a deliberate target but the victim of automated attacks. The search for vulnerabilities in IT infrastructures and systems in organizations is becoming increasingly automated. Employees are bombarded with emails, whatsapp, text messages and messages on social media to entice them to contact the criminals. All necessary information is available online at the Chamber of Commerce. In addition, organizations are automatically tested for weak passwords and vulnerabilities in technology. Essentially everyone can be a target.
A firewall blocks traffic that is preset as unwanted. This is usually traffic that tries to enter the company from the internet. Traffic from the inside to the outside is almost always allowed. If a part is already blocked, then ports 80, 443 and 53 are always open. Attackers therefore use methods such as phishing to gain entry and thus communicate through the open ports. Attackers are then in the network at that time, while the firewall is not aware of anything. The malware can then communicate freely to the internet, making data breaches possible. A firewall is necessary but not the ultimate goal.
A strong defence consists of standard measures, such as trainings, and technical measures, such as firewalls, anti-virus software and monitoring and detection. The latter two execute SecureMe2 Cyberalarm. Detection sends a signal once an attacker has succeeded despite these measures. Initially, measures are aimed at preventing an incident. Inevitably, despite the measures taken, an incident could take place. When it does, it is important to have the right processes, tools and knowledge in place. Processes such as isolating networks and shutting down infected systems allow Cyberalarm to find out how a hacker has penetrated the organization and how to be operational again as soon as possible.
The biggest problems are business continuity, reputational damage and costs. The unavailability of crucial software, the support of experts in the field of security incidents, in the worst case paying the hackers and then repairing the entire IT environment drive costs. If customers are not properly informed and guided, these types of incidents can have a major impact on turnover. Average costs of such a process: IT downtime: 140,000 Euros per day to 540,000 Euros per hour for the largest organizations, an average of 200,000 Euros in ransom, 750 Euros per hour for incident response and 400,000-1,000,000 Euros for complete vetting and repair of the IT environment.
The crown jewels of an organisation are the digital properties and data that make an organisation unique. An example is the intellectual property or the self-developed software that enables an organisation to service its customers. Or the data that gives an organisation its competitive edge. Because this information is so valuable to a company, hackers try to get their hands on it and use it to blackmail an organisation. If the crown jewels fall into the hands of hackers or are no longer usable, the continued existence of an organisation is at risk. It is precisely these digital assets that must be identified, protected and backed up at all times. The monitoring of access is done with a network intrusion detection system.
Every organization has one or more (IT) partners. That is why it is important to ensure that you cannot be attacked through vulnerabilities in the IT landscape of partners. Chain risks can be mitigated by requiring critical partners to take the same security measures and to work together to increase resilience. The GDPR requires the organization to map out data security within the chain and to take responsibility for this. This is especially true for IT suppliers. Ideally, an organization can check whether the IT partner has demonstrably arranged information security well.
The Cloud and SaaS solutions are generally well secured and software updates are generally performed in a timely manner. However, organizations themselves are responsible for the configuration and data. To avoid liability, the demarcation is often captured in a shared responsibility model. It is therefore important to realize that you are still responsible for your own safety. This has not been bought off with the cloud. In addition, don’t forget that access to the cloud is via a local. Hackers therefore use the computer on your desk to infect the cloud. The cloud makes things much easier, but certainly not by definition more secure.
Every organization is expected to comply with laws and regulations. The GDPR, which was introduced in 2018, obliges organizations to be demonstrably in control of information security. Just having a firewall and anti-virus is no longer seen as in control. More needs to be done to prove that as an organization you put the interests of customers, suppliers and employees first and therefore take the right measures. Monitoring is the norm here.
Unfortunately, there is no such thing as 100% security. Detecting digital crime within your IT environment is a basic functionality for organizations that are not a target. Compare it to a camera at the entrance of your physical company. In addition to a lock, this is indispensable if an organization wants to secure its physical company. Therefore, monitoring and detection with the most up-to-date information on attack patterns is crucial to increase resilience and the best you can do to ensure security.

Ask Alexander.

Alexander Zwiep

+31-85-060 5424