A Possible Plus for UK Companies’ Digital Security Post-Brexit

On the one hand, Brexit could make digital security easier for some UK companies that are coming out of the European Union. That’s because leaving the European Union will free these organizations from necessarily needing to trust web traffic from certain countries over others.

Think about it. When these organizations are situated within the European Union, digital attackers can reach them not necessarily by breaching their systems directly but instead by going after smaller targets. As an example, a threat actor group sets its sights on a UK organization. It might then decide to go after small German companies that otherwise have nothing to do with its true target but, nevertheless, lack robust security measures. (This is NOT a supply chain attack, so the companies don’t need to be in the same industry or work with the intended target directly.) From there, the bad actors come through those German companies to target the UK organization.

They could very well succeed in their efforts because, situated within the European Union, the UK organization is expecting and has, therefore, trusted traffic coming from Germany. In other words, it is accustomed to seeing traffic from Germany because of those shared ties to the European Union. Unfortunately, these expectations give digital attackers an opportunity to abuse such alliances and open up new avenues of risk.

Things would be different if the UK organization were to find itself in a post-Brexit world, however. Removed from the European Union, that company would have no obligation to trust traffic from any country outside of the United Kingdom. It could therefore easily use security controls to filter traffic from locations it doesn’t want to trust. Alternatively, it could approach incoming web traffic from a whitelisting frame of mind and allow connections from only a select few places.

Doing so could help prevent digital attackers in other countries from attacking its systems, even if they’ve infiltrated the systems of a company based in a foreign nation.

But Does It Really Matter, Anyway?

On the other, digital security really shouldn’t be different whether UK organizations are in or out of the European Union, at least not in terms of what types of security measures they should be implementing. In any case, they should start with asset discovery so that they can have a clear idea of what’s on the network and what they need to protect. They can then embrace some of the other foundational security controls like vulnerability management, logging and change monitoring before pursuing more advanced analytical tools that are available to them.

Don’t just take my opinion on the matter. Many security professionals are of the belief that Brexit won’t have an effect on digital security. This became evident in a survey conducted by Tripwire at Infosecurity Europe 2016 when most respondents (64 percent) said there would be no change in UK organizations’ ability to defend themselves against targeted attacks. Adrian Davis, regional managing director for ISACA, feels this is the case because of the nature of today’s evolving digital threats:

Cyber threats and attacks transcend national boundaries and politics and the only way we can defend ourselves is to share information and collaborate. I’m confident that, as a profession, we will continue to help each other regardless of whether our nation is in or out.