Protecting your Firm against cybercrime
Being in charge of a business network has never been easy, what with demands from BAU, delivering projects, as well as gazing into your crystal ball to anticipate future trends in technology that you should adopt and those you should steer well clear of! However, over the last five years a nasty new worry has appeared on all our radars: that of cybercrime. The proliferation of people out to disrupt, damage or steal from the business you’re entrusted to protect has mushroomed due to the ever-increasing connectivity of the modern world.
The legal sector that I work in has been heavily targeted as the cyber criminals realise the potential profits from going after a Law Firm. Here at TWM Solicitors I have to protect a business spread over seven sites, with a workforce that can deal with virtually any kind of work, meaning that clients are constantly sending over a range of weird and wonderful email attachments. That doesn’t include the fact that many of my colleagues work far too long into the night from a variety of remote locations and need to do so securely from both our internal and cloud-based apps.
I needed to tackle this problem with a security system that was constantly kept up to date, could report back to me instantly on anything that didn’t look “quite right” right across my network, and had the speed of learning to counter the AI tools which cyber criminals often have at their fingertips. After looking across the board at SIEM solutions and rejecting them on complexity of configuration and lack of clarity in understanding what was actually being presented to me, as someone knowledgeable but not an expert in cyber security, I was delighted to see that a solution called DarkTrace had exactly what I was looking for.
The DarkTrace system collects data by port mirroring from a centrally located switch, and when we first put it in on trial it spent the first month or two just profiling your network, with a visit every couple of weeks from a cyber consultant from their team, who will review the findings with you. This period allows you to work together to tune the system to what they call the “pattern of life”, which is what normal behaviour looks like on your network. This time isn’t wasted though, and I learnt some very interesting things about my network. Approximately two months after your trial (and should you decide to purchase) you then engage the system to fully protect your business, using their Antigena service to control activity on the network which falls outside the normal pattern that’s been learnt; it can block malicious activity without your engagement, say at four in the morning! What more could I want? A single view of the entire activity across the network, constantly monitored and updated (via integration with their Cambridge HQ) with the latest attack vectors, and if I’m at home or out and about the handy mobile app allows me to further investigate alerts.