13 February 2015
PA Consulting Group’s Edward Savage and Stephen Bailey are quoted in an article in SC Magazine. According to a new report, over one billion records were compromised last year as data breaches became a regular occurrence, especially in the UK.
Responding to this news, Edward Savage and Stephen Bailey say that criminals remain a step ahead of security professionals. “PA's recent survey showed that security professionals are increasingly confident that they are doing what they can,” says Edward. “Understanding of cyber-risks is increasing too. But the industrialisation of criminal activity, and the fact that people are still making it easy for criminals through unthinking action, is leading to growth. The solution lies not just with technical solutions but with better education and behaviour change.”
Stephen adds: “As good quality malware becomes more available and easier to deploy it is lowering the entry bar to those wanting to carry out malicious activities. This is increasing the numbers of attackers.
“Businesses do seem to be falling victim to the same sorts of attacks that keep exploiting the same vulnerabilities, which suggests businesses aren't learning from others or perhaps not moving quickly enough with their security improvement programmes.
“There is no real substitute for testing your infrastructure and applications using ethical hackers deploying the same tools and techniques as the bad guys. Make sure your security improvement programmes have cyber-awareness at their core. Technology alone won't protect you from a determined attacker.”