As a security consultant and solutions architect helping clients in the European region design and implement security solutions to protect critical network infrastructures, I often ask myself why companies get hacked. A trivial question it may seem but deeply rooted in the fact that we as humans are often the weakest link in complex cybersecurity systems and do make mistakes.
If you are a cybersecurity professional or security enthusiast, this article is for you. I cover 7 reasons why companies get hacked based on my experience working with clients in several sectors including banking, healthcare, insurance, oil & gas, etc.
The question is not if your company will get hacked but when. Planning and ongoing preparation is the ultimate protection against cyber-attacks.
1. Humans are the weakest link
Humans are programmed to make mistakes. That’s how we learn. That’s how we have evolved biologically. Look at SpaceX, they made lots of mistakes and eventually mastered advanced rockets and spacecraft technologies. Even with a team of experts, they still manage to crash lots of rockets before docking successfully to the ISS.
The same applies to cybersecurity. Mistakes will be made, not if, but when. When that happens, an attack window opens. A hacker may strike within that gap. Even in the most tightly controlled networks, humans make mistakes. This is inevitable, so the best defense is to implement robust security measures, but also plan and prepare for fast remediation.
2. Cybersecurity technology is very strong but expertise is weak
With all the stories we hear in the news about several small and large firms being hacked, a naive question may be asked as to why organizations can’t just buy the most secure and advanced solution and be done with security. Things are not so simple.
For one, security systems are designed, implemented, and managed by humans. As long as that remains the case, a flaw may always appear in the chain. Moreover, cyber security technology is extremely strong and we are not short of amazing technologies.
One only has to look at the many firms providing advanced cybersecurity solutions that deliver robust defenses in many unique ways. Yet the expertise to configure these sophisticated security products for their most optimum performance remain scarce and very niche. Cyber criminals know about this expertise gap and are exploiting it to their advantage.
3. Cyber criminals have the edge
Cyber criminals do what they do for fun, money, government and industrial espionage, political reasons, etc. They only have to find ONE flaw in a system – whether technological or sociological – and it leaves security administrators scrambling to patch and protect against ALL flaws. That is not an even fight!
With enough patience and will, even the most secure system can be compromised by dedicated cyber criminals with expertise. What really matters is how fast a company can react to security flaws, patch holes, learn, respond, train, and continue to strengthen security measures and on-going processes against cyber-attacks.
4. Cybercrime pays more
Cyber criminals are moving to the ”digital battlefield”. It makes sense since cybercrime appears to be transparent, less risky, and the chance of being caught seems remote.
One can look at the recent cyber-attacks at several banks that exploited the Swift banking system with several millions of dollars at risk in what appears to be the greatest cyber theft attempt ever. Online crime is seamless, it’s cyber, and it’s often untraceable. No wonder why this is becoming a safer alternative for traditional criminals.
5. Humans do fall asleep in the cyber battlefield
Security administrators can fall asleep in the ”cyber battlefield”. When that happens, a cyber criminal may strike. Unless processes are put in place to constantly review security systems, improve products, learn from failures, and keep administrators and staff trained, the cyber security defenses in any organization will remain weak against Advanced Persistent Threats (APT).
6. Technology as a whole moves very fast and the pace is relentless
With technology moving at lighting speed, it is not surprising that humans can’t keep up with cyber-attacks. Perhaps we should let the ”machines” with Artificial Intelligence (AI) take over cybersecurity administration and let them enforce security – and take humans out of the equation? A bit extreme of course, but not unrealistic.
For one, machines can follow rules flawlessly and keep up with the pace of cyber-attacks, as well as adapt much more quickly than humans can. They won’t fall asleep in the cyber battlefield and may prove to be less sloppy than humans at maintaining security standards and processes. But there is still a long way to go before ”Skynet” can automatically defend organizations against cyber criminals without any human intervention.
7. In cyberspace, you only know what you know
The challenge of cyber is the ghost like transactions that happen faster than humans can cope with. What is really happening in your network may be a mystery. But with security analytics, knowing what you should know is good. But knowing what you don’t know is better.