A-Z of cyber security part three: from quick response to zero day

Agenda magazine

Being hacked is just a major challenge for IT. Right? Wrong.

Our A-Z of cyber security concludes by pinpointing some steps business owners can take to easily boost their cyber security, and prevent and protect against cyber attacks.

Q is for quick response

No organisation wants to fall victim to successful cyber attacks: working out the impact of the immediate damage, worrying about what’s still to come, wanting to act but knowing it’s probably too late. Good perimeter defences and effective controls are the foundation of good cyber security, but they are not a fail-safe. You also need to think about your response when there is an incident and who can help you when it’s really needed. Chief strategic officer at reputation intelligence and analysis group Alva, Alastair Pickering, says: “Not communicating quickly or, worse still, external parties uncovering the issue, generally results in a more tenacious news cycle, with more frequent and damaging reporting of the issue prolonging the impact of cyber attacks.”

R is for risk management

Cyber isn’t just a technical problem – it’s a risk that should be managed in a similar way to all other business risks. While it may not be possible to completely prevent risk, understanding how your organisation functions around technology, from hardware and data to people and business processes, will help identify particular areas of weakness. The National Cyber Security Centre [1] advises assessing the digital technologies and systems that are critical to your business, identifying who might attack them and how they might be vulnerable. As with all internal and external risks, this is something boards need to do as part of their overall risk strategy and not just assume their head of IT has it handled.

S is for supply chain risk

Even if you think your supply chain and systems are secure, cyber criminals might choose to attack you through third parties. In 2014, US retailer Target suffered a breach in which attackers used network credentials stolen from an HVAC vendor. The breach compromised the data of more than 70 million customers, cost $18.5 million in settlements and led to the resignation of its CEO.

T is for TTPs

Tactics, techniques and procedures (TTPs) are the “patterns of activities or methods associated with a specific threat actor or group of threat actors,” according to the Definitive Guide to Cyber Threat Intelligence. Penetration testing is designed to simulate TTPs used by hackers in order to strengthen security postures and ensure greater resilience to cyber threats.


U is for updates

Running software updates, also commonly referred to as patching, is one of the key tenets of any cyber security arrangement. The majority of cyber attacks make use of known software exploits for which updates are available. For example, if all NHS Trusts had conducted software updates when advised, most of the UK would never have heard of WannaCry.

V is for vulnerabilities

Vulnerabilities exist in almost every computer environment, including in software, hardware and their human operators. Hackers are adept at identifying them with increasing ingenuity, across every manner of system. We are seeing double-digit increases in overall system vulnerabilities, across every variant of device.

W is for WannaCry

On 12 May 2017, the WannaCry global ransomware attack hit, locking down more than 200,000 computers in over 100 countries. Although not a specific target, the NHS was the UK’s biggest victim. Some 19,000 patient appointments had to be cancelled, with five A&E departments turning patients away until 19 May, when the NCSC and the National Crime Agency managed to halt the attack. It used a known exploit that the majority of NHS bodies had applied a patch against. No ransom was paid, but the government put the cost of WannaCry to the NHS at £92 million.

X is for XCyber

XCyber is a cyber security firm focused on the human side of cyber attacks. Formed by a team with more than 200 years of cyber experience and leadership in the British government, it has advised law enforcement, intelligence and security services across the globe on cyber security and defence. It produces intelligence-led, data-driven and evidence-based reporting to provide insights organisations can use. Its proprietary intelligence platform, Tsunami Buoy, is a key component in our covert imminent breach system (CIBS) subscription.

Y is for your future

The World Economic Forum’s Global Risks Report [2] ranks cyber security as the second greatest risk to doing business in the UK. This is due to the damage cyber attacks can cause to a company’s immediate business capability and its reputation. The extent of the damage may depend on the size of the breach, how quickly and effectively the company is perceived to have acted, the number of stakeholders affected and the company’s pre-existing reputation. Having all the protections and systems in place to prevent a breach and mitigate any fallout is crucial for the longevity of your company.

Z is for zero-day

A zero-day vulnerability refers to a cyber security hole in software that is unknown to its maker, or to antivirus companies. This means the vulnerability is also not yet publicly known, though it may already be known by cyber criminals who are quietly exploiting the flaw. Zero-day refers to the fact that developers have zero days to fix the problem once the vulnerability does become publicly known, at which point they have to work quickly to fix the issue and protect users.

To discuss how you can protect your business from cyber attack, contact James Arthur, partner and head of cyber consulting.


[1] Cyber security for major events, National Cyber Security Centre, 2019

[2] Global risks of highest concern for doing business, World Economic Forum, 2016
