A former director of the UK's secret intelligence service has offered advice on what organisations can do to help stay protected against cyberattacks.
Speaking at the Digital Transformation Expo Europe in London, ex-MI6 chief John Sawers touched on the various threats facing the UK and other countries right now, including cyberattacks and espionage by both criminals and nation states – but told the audience there are some key things that can be done to help organisations and their employees from becoming victims.
First of all, organisations should be employing two-factor authentication; something that is relatively simple to rollout.
"If you're not using two factor authentication, you're well behind the game and much more vulnerable. That's the first thing individuals can do," said Sawers, who served as head of MI6 between 2009 and 2014.
Businesses should ensure they're running modern cyber defences with protections against malicious activity inside the network, rather than just relying on firewalls and the like to keep threats out. If attackers breach that perimeter and there are no internal defences then things can go bad quickly, as demonstrated by the NotPetya incident of summer 2017.
"The companies that got hit by the NotPetya virus two years ago were the ones that had an old fortress-and-moat system where they had external defences around their IT system and free movement within it," Sawers said. "That simply doesn't work for modern cybersecurity systems."
To stay protected against modern cyberattacks, he argued that an organisation needs multi-layer protection throughout the network and to determine the risk category of the information or data stored.
"You've got to be able to identify your crown jewels and have them completely protected, you've got some material that's going to be at risk and you've got some material you know is going to be vulnerable," he explained, adding "knowing what others want from you and what you have to protect for your own future is absolutely vital."
Sawers also touched upon the security debate around Chinese telecommunications provider Huawei. While the US has indicated it will not use Huawei technology in its infrastructure, the UK has so far taken a more flexible approach.
Some have voiced concerns about Huawei posing a cybersecurity risk to UK infrastructure, but Sawers is less concerned.
"I think the founders of Huawei and the Chinese government sees Huawei as a major Chinese commercial entity, rather than an arm of the state," he told ZDNet, before adding there would be "very serious consequences" if it did abuse its position as a UK supplier.
But he said: "We've not, in the 20 years that we've had Huawei equipment in our system, experienced it being used by the Chinese state for espionage purposes – we see a lot of Chinese espionage efforts here in the UK and across the west, but they haven't sought or been able to exploit Huawei equipment for that purpose," said Sawers.
While Sawers did detail how there's an espionage threat that needs to be managed, it can be mitigated without excluding Chinese manufacturers from the market, for example by keeping such hardware to the edge of the network. "The fact we can control it, largely at the periphery, means there are much better defences in place," he said.
MORE ON CYBER SECURITY
- Cybersecurity: 99% of email attacks rely on victims clicking links
- Huawei ban: Full timeline on how and why its phones are under fire CNET
- Confidence in the internet is wobbling: Here's how to fix it, says cyber chief
- More companies use multi-factor authentication, but security still weak from poor password habits TechRepublic
- Microsoft: Using multi-factor authentication blocks 99.9% of account hacks