2024 Businesses spend a lot of money on security, why are they still attacked by hackers?

 Security experts say that it is not necessary to invest a lot of money in a security system and network security to be safe. On the contrary, this may be the wrong direction.



Businesses spend a lot of money on security, why are they still attacked by hackers? - first

Lieutenant Colonel Le Xuan Thuy, Director of the National Cyber Security Center, Ministry of Public Security, answers questions related to data encryption attacks (Photo: Cuong Quyet).


Last March can be said to be the peak time for hackers, when Vietnam recorded at least 3 large-scale data encryption (ransomware) attacks, with the target targeting VnDirect, PVOil and a supplier. provides telecommunications services.


It is worth mentioning that these are all large businesses, and may have invested a lot of money in security systems and internal network security. But why are they still victims of large-scale attacks?


Sharing at the seminar on the afternoon of April 5 in Hanoi, Lieutenant Colonel Le Xuan Thuy, Director of the National Cyber Security Center, Ministry of Public Security, emphasized that hacker organizations often exploit unpublished ZeroDay vulnerabilities. dad.


Because of that, although a lot of money is invested in security systems, most of them cannot be detected and prevented.


"There are many places in Vietnam, partly because of awareness, thinking that we have done things tightly, so we have a subjective and negligent mentality. This makes it easier for the system to be a victim of hackers," Mr. Le Xuan Thuy said.


Experts from the National Cyber Security Center affirmed that the best way to defend against cyber attacks is to continuously review 24/7 and optimize the system so that when hackers appear and take action. can promptly respond and prevent.


In addition, it needs to be based on three pillars, which are processes, people, and information security systems. Therefore, just investing in defense systems and information security is not enough.


"Remember that as a defender, we have to find all the vulnerabilities, and the attacker only needs to find one vulnerability," Mr. Thuy said.


Businesses spend a lot of money on security, why are they still attacked by hackers? - 2

To effectively defend against hackers, what needs to be done is to invest correctly, not how much money to invest (Photo: Getty).


Another point to pay attention to is the behavior of the managing unit. In particular, the awareness of the leader is very important, because that is the person who signs the contract and decides to invest.


According to security experts, without full awareness, investment can easily go astray, "a lot of money is spent but the system is still vulnerable".


Mr. Vu Ngoc Son, Technical Director of National Cyber Security Technology Joint Stock Company (NCS), said that according to the world's general formula, investment in cyber security usually accounts for about 10% of investment costs for information system. However, the majority of businesses in Vietnam have not reached this rate.


"The ideal investment level for network security today is 10%, preferably 20%. However, in Vietnam it has not been possible to do so, perhaps only at less than 5%," Mr. Son assessed.



Watch More See many hot photo albums >>>

Mr. Son also agrees with the view that what needs to be done is to invest correctly, not how much money to invest. Specifically, most Vietnamese agencies and businesses invest 80% of their costs in defense and prevention, but only spend 15% of their capital on monitoring and 5% on response.


Security experts say this approach is outdated. Instead, the correct way to invest in a modern information security system, also known as "new thinking" today, is to invest in a three-legged stool, divided equally between the stages of prevention, monitor and react.


According to Mr. Le Xuan Thuy, organizations and businesses should accept the fact that even if they have invested properly, there is still a risk of an attack. "This should be considered a long-term resistance war," Mr. Thuy said.


In short, no matter how high a wall is built, it cannot be guaranteed that the wall cannot be overcome. It is important to improve the process of tracking, monitoring, and reacting instead of preventing in the usual way.

Đăng nhận xét

Mới hơn Cũ hơn