The cyber-security landscape is ever shifting, with new threats hurtling into vision on a regular basis. To deal with these threats, organisations need agile and comprehensive security strategies – covering the entire spectrum of endpoints, networks, data centres, applications and access control.
This is the view of Anton Jacobsz, managing director at value-added distributor, Networks Unlimited Africa, which assists local businesses with a broad spectrum of cyber-defence solutions.
“As we evolve towards digitally-focused businesses, towards digital economies, the very nature of value changes. Data is well and truly the currency of the future,” says Jacobsz.
“Consider for a moment which is worse: somebody breaking into your house and stealing all your physical belongings, or somebody gaining access to your entire digital world – passwords, data, conversations and the like?”
Many of us would probably prefer to lose our physical ‘stuff’.
A series of unfortunate global events
For companies, organisations and governments, it’s a similar dynamic. When it comes to cyber-breaches, Jacobsz says that 2017 was the most destructive year in history, headlined by these high-profile calamities:
· Equifax: hackers were able to steal over 200,000 credit card details from the credit bureau in a massive data breach that could have affected up to 143 million US citizens – compromising data like social security numbers, birth dates, addresses and other personal details.
· Uber: the popular ride-sharing app was allegedly forced to pay $100,000 as a ransom to attackers, after they stole data relating to 57 million Uber customers.
· The CIA: one of the institutions that we’d expect to have the most stringent security was the victim of a coordinated cyber-attack – with a number of confidential documents being released on WikiLeaks.
· HBO: the global broadcaster suffered the loss of 1.5 terabytes of data in a high-profile attack that saw hackers release episodes of the popular Game of Thrones series before they’d been aired on TV.
· WannaCry: this attack hit major organisations in 150 countries, propelling the techniques of encryption and ransomware into the public spotlight. WannaCry infected an astonishing 200,000 computers, causing untold billions in total damages as major companies were rendered helpless.
And on the local front…
And South Africa did not escape 2017 cyberattack-free. A hack on the local Deeds Office’s database saw the personal details of millions of citizens – including ID numbers, contact details, addresses, and income estimates – being exposed on the Dark Web.
Ransomware, a type of malicious software designed to block access to a computer system until a sum of money is paid, was also on the increase last year, with South Africans falling victim to 15 million ransomware attacks. From a local business point of view, the median total cost of a ransomware attack last year was around R1.7 million including ransom, downtime, manpower, device cost, network cost, and lost opportunities, with 52 percent incurring costs above this level.
To put it into perspective, PwC’s sixth South African edition of the Global Economic Crime and Fraud Survey, for 2018, which came out earlier this year, states that South African organisations expect cybercrime to become the most disruptive form of economic crime in the next two years.
Growing complexity, new approaches
The scale of these attacks, and the thousands more that made the headlines, has forced organisations to think differently about how to protect data and digital assets.
“Traditional notions of perimeter defence must give way to a far more fluid and responsive strategy, where cyber-security is woven into the fabric of everything the organisation does, and where early detection and response is critical,” explains Jacobsz.
“As we bring more and more devices onto the network, organisations have a huge challenge to secure data as it traverses from endpoints – like laptops, smartphones and sensors – across various networks, into different hybrid cloud environments, to reach the data centre.”
It’s a far cry from the simple on-premise, client-server configurations of yesteryear. Jacobsz says that as the complexity grows, businesses need trusted ICT partners, and leading-edge security solutions, to keep pace with evolving threats.
At a high level, many organisations need to mature their threat intelligence capabilities very fast, to quickly detect any form of cyber-defence weakness, or any kind of attack. This should be supported with a concerted focus on security operations – harnessing automation, orchestration, advanced analytics, and data science technologies.
Practical tools to protect the organisation
Diving into the detail, Jacobsz highlights several solution sets that operate in harmony to provide organisations with a comprehensive, end-to-end security solution, with software that continually evolves in response to emerging threats:
· Attivo Networks… offers deception technology, a unique and modern approach using platforms offering deception-based detection throughout every layer of the network stack, thereby enabling efficient detection for every threat vector. Using high-interaction decoys and lures, these deception solutions effectively deceive attackers into revealing themselves, thereby closing the detection deficit before providing accelerated incident response.
· Carbon Black… deals with the end-point security needs for enterprises – giving them the ability to continuously detect and rapidly respond to ongoing threats. Thorough forensic analysis is captured in real time, giving unprecedented visibility into the entire endpoint environment, helping CSOs to build certain behavioural patterns, and optimise defences in the future.
· Cofense… this software addresses the uniquely human ‘origin’ of many cyber-attacks, helping to thwart advanced phishing attacks – including the likes of ‘spear-phishing’ and ‘whaling’. Cofense transforms employees from being a vulnerability point, into an active line of defence (by enabling them to identify, report and mitigate various kinds of phishing, malware, ransomware and other threats).
· F5 Networks… as enterprises build an increasing number of applications, in various environments, there is a need for dedicated web application security solutions. F5’s tools quickly stop application threats, highlight any vulnerabilities, and safeguard the data held within applications.
· Fortinet… this integrated network security platform addresses all of the network defence needs for the modern enterprise – covering the network core (internal segmentation), the edge (next-generation firewalls), and network access.
· NETSCOUT Arbor… helps secure some of the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. NETSCOUT Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. NETSCOUT Arbor also delivers analytics for dynamic incident response, historical analysis, visualisation and forensics.
· RSA… offers business-driven security solutions which are designed to effectively detect and respond to advanced attacks; manage user identities and access; and reduce business risk, fraud and cybercrime. RSA protects millions of users around the world and assists more than 90 per cent of the Fortune 500 companies.
· Thales… this expert in critical information systems, cybersecurity and data security offers encryption of structured and unstructured data, at rest or in motion. Thales accelerates digital transformation by making data safe in any environment while maintaining business agility, and protecting structured and unstructured data at rest, in motion, and in use, across devices, processes, platforms, and environments. Encryption offerings can also help with meeting the requirements of regulatory compliance.
“Many of today’s biggest emerging threats were unheard of just a few years ago, and we could certainly never have predicted cyber-attacks on the scale of those high-profile examples that we’ve seen lately,” adds Jacobsz.
“As we look toward the future, it’s just as difficult to predict the direction of the next wave of attacks. The only possible strategy is to adopt the latest technologies, and keep security at the forefront of our thinking, remaining vigilant and responsive to threats as they appear.”