Cyber-Security 101 for Business Owners

Running a business require skill with multiple things happening simultaneously that require your attention. One of those critical things is cyber-security – critical today to have your focus on.

In the digital world today, all businesses have a dependency on the Internet in one way or the other… For SMEs (Small Medium Enterprise) that uses the Internet exclusively as their sales channel the Internet is not only a source of opportunity but the lifeblood of the organisation. An enterprise has the ability, through the Internet, to operate 24×7 with digitally an enabled workforce bringing unprecedented business value.

Like any opportunity though, this also comes with a level of risk that must be mitigated and continuously governed, not just by the board but also by every member within the team. Some of these risks can have a seriously detrimental impact to the business, ranging from financial and data loss to downtime and reputational damage. It is therefore your duty ensuring your IT network is fully protected and secure to protect your business.

Statistics show that cybercrime is exponentially rising. This is mainly due to enhancements in technology enabling and giving access to inexpensive but sophisticated tools. Used by experienced and inexperienced cyber criminals alike, this is causing havoc across networks resulting in business downtime that costs the economy millions every year.

If your business is not trading for 100 hours, what is the financial and reputational impact? That could be the downtime caused by, for example, a ransomware attack – yes, that’s almost 5 days of no business, costly for any business!

Understanding the threat

Cyber threats take many forms and is an academic subject on it’s own. So where do you start?

First you need to understand the threat before you can take preventative action.

Definition: Cyber security or information technology security are the techniques of protecting computers, networks, programs and data from unauthorized access or attacks that are aimed for exploitation.

A good start is to understand the following cyber threats:

  • Malware
  • Worms
  • Trojans
  • IoT (Internet of Things)
  • Crypto-jacking

Malware

Definition:Malware (a portmanteau for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network.

During 2nd Q’18, the VPNFilter malware reportedly infected more than half a million small business routers and NAS devices and malware is still one of the top risks for SMEs. With the ability of data exfiltration back to the attackers, businesses are at risk of the loss of sensitive information such as usernames and passwords.

Potentially these attacks can remain hidden and undetected. Businesses can overcome these styles of attacks by employing an advanced threat prevention solution for their endpoints (i.e. user PCs). A layered approach with multiple detection techniques will give businesses full attack chain protection as well as reducing the complexity and costs associated with the deployment of multiple individual solutions.

Worms

Definition:A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it.

Recent attacks, including WannaCry and Trickbot, used worm functionality to spread malware. The worm approach tends to make more noise and can be detected faster, but it has the ability to affect a large number of victims very quickly.For businesses, this may mean your entire team can be impacted (spreading to every endpoint in the network) before the attack can be stopped.

Approximately 20% of UK businesses that had been infected with malware had to cease business operations immediately resulting in lost revenue.

Internet of Things (IoT)

Definition:The Internet of things (IoT) is the network of devices such as vehicles, and home appliances that contain electronics, software, actuators, and connectivity.

More devices are able to connect directly to the web, which has a number of benefits, including greater connectivity, meaning better data and analytics. However, various threats and business risks are lurking in the use of these devices, including data loss, data manipulation and unauthorised access to devices leading to access to the network, etc.

To mitigate this threat, devices should have strict authentication, limited access and heavily monitored device-to-device communications. Crucially, these devices will need to be encrypted – a responsibility that is likely to be driven by third-party security providers but should to be enforced by businesses as part of their cyber-security policies and standard operating procedures.

Cryptojacking

Definition:Cryptojacking is defined as the secret use of your computing device to mine cryptocurrency. Cryptojacking used to be confined to the victim unknowingly installing a program that secretly mines cryptocurrency.

With the introduction and rise in popularity and value of crypto currencies, cryptojacking emerged as a cyber-security threat. On the surface, cryptomining may not seem particularly malicious or damaging, however, the costs that it can incur are. If the cryptomining script gets into servers, it can send energy bills through the roof or, if you find it has reached your cloud servers, can hike up usage bills (the biggest commercial concern for IT operations utilising cloud computing). It can also pose a potential threat to your computer hardware from overloading CPUs.

A recent survey, 1 in 3 of all UK businesses were hit by cryptojacking with statistics rising.

Mitigating the risk 

With these few simple and easy steps you can make a good start in protecting your business:

  • Education: At the core of any cyber-security protection plan, there needs to be an education campaign for all in the business. They must understand the gravity of the threat posed – regular training sessions can help here. And this shouldn’t be viewed as a one-off box-ticking exercise then forgotten about. Having rolling, regularly updated training sessions will ensure that staff members are aware of the changing threats and how they can best be avoided.
  • Endpoint protection: Adopt a layered approach to cyber security and deploy endpoint protection that monitor processes in real-time and seek out suspicious patterns, enhancing threat hunting capabilities that eliminate threats (quarantine or delete), and reducing the downtime and impact of attacks.
  • Lead by example: Cyber-security awareness should come from the top down. The time is long gone where cyber-security has been the domain of IT teams. If you are a business stakeholder, you need to lead by example by promoting and practicing a security-first mindset.

Release Management as a Competitive Advantage

“Delivery focussed”, “Getting the job done”, “Results driven”, “The proof is in the pudding” – we are all familiar with these phrases and in Information Technology it means getting the solutions into operations through effective Release Management, quickly.

In the increasingly competitive market, where digital is enabling rapid change, time to market is king. Translated into IT terms – you must get your solution into production before the competition does through an effective ability to do frequent releases. Doing frequent releases benefit teams as features can be validated earlier and bugs detected easily. The smaller iteration cycles provide flexibility, making adjustments to unforeseen scope changes easier and reducing the overall risk of change.

IT teams with well governed agile and robust release management practices have a significant competitive advantage. This advantage materialises through self-managed teams consisting of highly skilled technologist who collaborative work according to a team defined release management process, that continuously improves through constructive feedback loops and corrective actions.

The process of implementing such agile practices, can be challenging as building software becomes increasingly more complex due to factors such as technical debt, increasing legacy code, resource movements, globally distributed development teams, and the increasing number of platforms to be supported.

To realise this advantage, an organisation must first optimise its release management process and identify the most appropriate platform and release management tools.

Here are three well known trends that every technology team can use to optimise delivery:

1. Agile delivery practises – with automation at the core 

So you have adopted an agile delivery methodology and your re having daily scrum meetings – but you know that is not enough. Sprint planning as well as review and retrospection are all essential elements for a successful release, but in order to gain substantial and meaningful deliverables within the time constraints of agile iterations, you need to invest in automation.

An automation ability bring measurable benefits to the delivery team as it reduces the pressure on people in minimising human error and increasing overall productivity and delivery quality into your environment that shows in key metrics like team velocity. Another benefit automation introduces is consistent and repeatable process, enabling easily scalable teams while reducing errors and release times. Agile delivery practices (see “Executive Summary of 4 commonly used Agile Methodologies“) all embrace and promote the use of automation across the delivery lifecycle, especially in build, test and deployment automation. Proper automation support delivery teams in reducing overhead of time consuming repetitive tasks in configuration and testing so them can focus on the core of customer centric product/service development with quality build in. Also readHow to Innovate to stay Relevant“; “Agile Software Development – What Business Executives need to know” for further insight in Agile methodologies…

Example:

Code Repository (version Control) –> Automated Integration –> Automated Deployment of changes to Test Environments –> Platform & Environment Changes automated build into Testbed –> Automated Build Acceptance Tests –> Automated Release

When a software developer commits changes to the version control, these changes automatically get integrated with the rest of the modules. Integrated assembles are then automatically deployed to a test environment. If there are changes to the platform or the environment, the environment gets automatically built and deployed on test bed. Next, build acceptance tests are automatically kicked off, which would include capacity tests, performance, and reliability tests. Developers and/or leads are notified only when something fails. Therefore, the focus remains on core development and not just on other overhead activities. Of course, there will be some manual check points that the release management team will have to pass in order to trigger next the phase, but each activity within this deployment pipeline can be more or less automated. As your software passes all quality checkpoints, product version releases are automatically pushed to the release repository from which new versions can be pulled automatically by systems or downloaded by customers.

Technologies:

  • Build Automation:  Ant, Maven, Make
  • Continuous Integration: Jenkins, Cruise Control, Bamboo
  • Test Automation: Silk Test, EggPlant, Test Complete, Coded UI
  • Continuous Deployment: Jenkins, Bamboo, Prism

2. Cloud platforms and Virtualisation as development and test environments

Today, most software products are built to support multiple platforms, be it operating systems, application servers, databases, or Internet browsers. Software development teams need to test their products in all of these environments in-house prior to releasing them to the market.

This presents the challenge of creating all of these environments as well as maintaining them. These challenges increase in complexity as development and test teams become more geographically distributed. In these circumstances, the use of cloud platforms and virtualisation helps, especially as these platforms have recently been widely adopted in all industries.

Automation on cloud and virtualised platforms enables delivery teams to rapidly spin up/down environments optimising infrastructure utilisation aligned with demand while, similar to maintaining code and configuration version history for our products, also maintain the version history of all supported platforms. Automated cloud platforms and virtualisation introduces flexibility that optimises infrastructure utilisation and the delivery footprint as demand changes – bringing savings across the overall delivery life-cycle.

Example:

When a build and release engineer changes configurations for the target platform – the operating system, database, or application server settings – the whole platform can be built and a snapshot of it created and deployed to the relevant target platforms.

Virtualisation:The virtual machine (VM) is automatically provisioned from the snapshot of base operating system VM, appropriate configurations are deployed and the rest of the platform and application components are automatically deployed.

Cloud:Using a solution provider like Rackspace to deliver Infrastructure-as-a-Service (IaaS) and Platform as a Service (PaaS), new configurations can be introduced in a new Rackspace instance is produced, instantiated, and configured as a development and test environment. This is crucial for flexibility and productivity, as it takes minutes instead of weeks to adapt to configuration changes. With automation, the process becomes repeatable, quick, and streamlines communication across different teams within the Tech-hub.

3. Distributed version control systems

Distributed version control systems (DVCS), for example GIT, Perforce or Mercurial, introduces flexibility for teams to collaborate at the code level. The fundamental design principle behind DVCS is that each user keeps a self-contained repository with complete version history on one’s local computer. There is no need for a privileged master repository, although most teams designate one as a best practice. DVCS allow developers to work offline and commit changes locally.

As developers complete their changes for an assigned story or feature set, they push their changes to the central repository as a release candidate. DVCS offers a fundamentally new way to collaborate, as  developers can commit their changes frequently without disrupting the main codebase or trunk. This becomes useful when teams are exploring new ideas or experimenting as well as enabling rapid team scalability with reduced disruption.

DVCS is a powerful enabler for the team that utilise an agile-feature-based branching strategy. This encourages development teams to continue to work on their features (branches) as they get ready, having fully tested their changes locally, to load them into next release cycle. In this scenario, developers are able to work on and merge their feature branches to a local copy of the repository.After standard reviews and quality checks will the changes then be merged into the main repository.

To conclude

Adopting these three major trends in the delivery life-cycle enables a organisation to imbed proper release management as a strategic competitive advantage. Implementing these best practices will obviously require strategic planning and an investment of time in the early phases of your project or team maturity journey – this will reduce the organisational and change management efforts to get to market quicker.