How long would it take to hack your company?

That being said, have you tested your defenses?

Even though more and more companies now understand that the risk is real and are investing more in cybersecurity, few know to what extent an attacker could compromise their IT infrastructure. Indeed, you may have implemented a solid governance framework, have ongoing employee awareness campaigns, and have invested in relevant tools such as EDR, but unfortunately, this does not mean you are adequately protected.

An effective way to validate your posture is to simulate an attack. Can an attacker bypass your EDR? If one of your employees falls victim to phishing, what can an attacker do from there? Will they only access the information available to that user, or are they capable of compromising your entire company? In an ideal world, we would want scenario 1, but in our reality, we have compromised the domain controllers of 100% of the companies we have worked with.

Compromising the domain controller is like obtaining the master key to your company. This is how an attacker could deploy ransomware, for example, a scenario we want to avoid at all costs.

The companies we compromised all had cybersecurity tools and a willingness to protect their data in place. They would not have invested in a penetration test otherwise. This demonstrates the importance of conducting this type of simulation to understand how an attacker would hack your company and then implement the appropriate fixes.

Cybersecurity is still perceived as an expense by many business leaders. Investments are made with a compliance perspective or to secure a contract with a major contractor, but the culture is not yet present.

No leader needs convincing of the need to sell to stay in business. No sales = no company. As a result, investments in marketing and business development are significant and regular. It is important to stay informed about what the competition is doing, market trends, customer needs, etc.

Conversely, few leaders realize that a cyberattack could simply close their business. We do not want to preach fear, but unfortunately, we know too many cases where companies had to close due to ransomware: loss of their intellectual property (how long would it take to have to redo all the plans required for your production?), shutdown of the production chain for too long to be able to recover financially, damage to reputation followed by loss of customers, etc.

Unlike a decrease in activity that leaves time to try different strategies to seek new contracts, a cyberattack can stop everything in one day, with no prospect of starting again.

It is therefore essential for your company to follow the “trends” of cybercriminals in the same way that you do for your competitors, and continuously. New vulnerabilities and hacking tools come out every day, and criminals have no rules to follow.

What we recommend:

• Conduct a network penetration test annually: This will allow you to know how long it would take for your company to be hacked, how, and what the consequences would be. Above all, it will allow you to correct the situation to prevent a real hacker from doing so.
• Scan your network continuously: as explained above, new vulnerabilities are released every day and actively exploited by criminals. No human can follow alone, there are tools that scan vulnerabilities in your network continuously to allow you to implement patches.
• Regularly plan meetings with your IT team and your cybersecurity advisors if you have any: A penetration test and vulnerability scans will generate a lot of work and reflection for your teams. The action plan must be followed by the management to see progress and decide on priorities.
• We cannot promise you 100% security, that is impossible: That being said, taking a continuous approach to test your security will significantly reduce the impact of an attack and its likelihood. The majority of attacks are indeed random, so if you put enough obstacles in the way of hackers, there is a good chance they will move on to the next victim.