
How Failures of Cybersecurity Tools Are Impacting Business Operations

Introduction

In the late forties, when American aerospace engineer Edward Murphy suffered the mortification of witnessing a mishap in his rocket sled tests, he unwittingly popularized one of the best known of Murphy’s Laws – If something can go wrong, it will. Though the ‘law’ was more in the manner of a humorous statement, its significance as to the unpredictability of life and the relevance of being prepared for contingencies cannot be overstated. In the cybersecurity world, as increasing reports come in of tools being unable to either quell or significantly reduce the impact of attacks, the ‘law’ serves as a reminder of how fragile protection can be, and how prepared for penetration/remediation SOCs need to be.

The big bad wolf is winning

Organizations are investing heavily in cybersecurity tools to ward off potential attackers. Yet the same tools that are put in place to defend against attacks often come up short, exposing the organization’s critical data assets. The failure rate is alarming, many experts say. A 2019 Global Breach Level Index Report (1) puts the number of compromised records a day at a staggering 18 million, with the hourly average standing at 770,000 records.

The ramifications are devastating. Take the case of the Ticketmaster breach. In April-May 2024, the ticket sales and distribution giant experienced a gigantic hack that resulted in over 560 million users’ data being exfiltrated. Apparently, the attackers gained access to a cloud service provider using an employee’s stolen credentials obtained via information-stealing malware. 

Why it’s happening

Help Net Security (2) paints a dismal picture of the reasons for the failure of security tools. If the statistics are anything to go by, then organizations would do well to immediately look at drastic evaluation of the tools they deploy. Some of these statistics bear scrutiny.

The report says that 54% of the tools worked with actually increase the workload instead of reducing it, with a similar percentage calling them a ‘hindrance’ rather than a help when it comes to identifying attacks. The report goes on to make a damning statement about organizational investment in security tools, terming the spending a ‘box-ticking’ exercise intended to meet compliance requirements.

Who is responsible

In an article published recently, ISACA (1) says that the blame for the failure of cyber tools actually lies squarely with all the stakeholders in the cybersecurity process. Product vendors are called out first for being the most responsible, simply because they are just not up to speed with the threat landscape. Translated, this means that the products that they sell to organizations often don’t measure up to the threat scenario in real time.

Internet Service Providers (ISPs) are called out next, for often failing to enforce adequate security controls against malicious sites and resident malware, and even to report cybercrime.

The report goes on to name Managed Service Providers (MSPs) for their tendency to produce false alerts and their failure to adequately address imminent threats and remediate attacks.

Business shortcomings, mainly in the nature of traditional mindsets, come next, with the still-existent fallacious view that cybersecurity is a cost center and a last resort for data protection.

Security professionals are fingered next, for their failure to effectively garner buy-in for industry-leading security with the C-Suite.

A case study

The hack on Verizon is often cited to make the point that no one is unassailable, and that the effect of attacks can be widespread and extremely damaging. The telecommunications giant’s recent outage in October 2024 left many businesses on the company’s network without crucial communication channels, literally bringing the productivity of a number of businesses to a standstill. The hack is attributed to a state-sponsored attack (12) by the Chinese hacker group Salt Typhoon, and resulted in the exfiltration of sensitive data of millions of customers. The famous domino effect came into play as soon as the attack was orchestrated, with many communication agencies like AT&T and Lumen Technologies also being affected. The attack is being investigated by the federal authorities, including the FBI and CISA.

Keeping the wolf at bay

Forbes (3) offers a practical checklist for organizations looking to review their cybersecurity posture and setup, and decide what they need to take up to improve.

  • Automated patch updates will keep the network in a state of real-time readiness. Attackers are known to exploit systems which are not updated
  • Using multi-factor authentication (4) and password hygiene (5) will considerably shore up defenses
  • Data encryption is a must, as attackers prey on open unencrypted data
  • Employee training and awareness is widely regarded as the first line of defense (6) in cybersecurity threat identification. Emphasis needs to be given to threat reporting (7) as well
  • Enforcing strong business email security, as emails (8) constitute a huge quantum of the communication in an organization and provide a large attack surface
  • Deploying leading-edge security systems like XDR (9), EDR (10) and Zero Trust architecture (11) to ensure real-time security
  • Vendor and supply chain checks, as these often constitute weak points in the cyber chain
  • Internal reviews of cybersecurity policies and practices

Conclusion

While risk is inherent in cybersecurity management, and it can be safely stated that attacks are always just around the corner, organizations cannot afford to either shy away from their responsibility to protect sensitive data or live in fear of attack. The only way forward remains to be vigilant, updated, and on red alert for the next wave of attacks. CEOs and CISOs know exactly the price that is to be paid if their data is compromised. Under such circumstances, one would expect greater focus on cybersecurity and the perils of discounting it. Despite much awareness, however, cyber experts like Richard Hollis (1) of cybersecurity risk firm Risk Crew say ‘businesses often fall short in aligning security to their strategy.’

It is a position that calls for immediate change. Else, the Murphy’s Law cited above – of something going wrong if it can – would become more the rule than the exception.

References:


Contact us at sales@aurorait.com or call 888-282-0696 to learn more about how Aurora can help your organization with IT, consulting, compliance, assessments, managed services, or cybersecurity needs.
