Integrated security key

April 2016 Editor's Choice, Information Security

The trends and threats encountered by South African companies are largely those of our global counterparts, but our priorities show a misalignment. In fact, market intelligence firm, IDC, predicts that IT security spending in SA will lag behind the actual importance and impact of this strategic imperative, leaving local companies potentially vulnerable. Organisations face multiple challenges in today’s threat landscape. Specifically, the siloed nature of implemented technologies, a lack of overall visibility, and increasingly sophisticated targeted attacks are all potential vulnerabilities in the overall cyber resilience of organisations.

Trevor Coetzee, Intel Security.
Trevor Coetzee, Intel Security.

In 2014, US-based retailer, Target, learnt this the hard way, when malware led to the leak of millions of customers’ credit card details. It’s not that the breach wasn’t detected by the company, but that the alerts failed to prompt either an automatic response or even a manual response. The failure resulted in a huge knock in profits, and massive reputational damage. Could this happen locally? Absolutely. The malware here was described as ‘unsophisticated and uninteresting’, but it was their inability to respond that let Target down.

So, if Target, with all the resources of a huge US retailer, can fall victim, how can a South African company expect to avoid the same fate? A quick audit of your organisational preparedness can help identify pitfalls, and an integrated and multi-layered approach will help you plug them.

What are the threats?

A patchwork of solutions: Companies are dealing with dozens of individual niche security vendors offering single point solutions. Often these operate in functional silos with no intelligence-sharing, preventing infrastructure-wide visibility for real-time detection of threats. This fragmented environment leads to gaps in protection and poor visibility, which drives up the time and manual processes needed to move from discovery to remediation.

Speed of response: There is a concept in emergency medicine of the ‘golden hour’. The probability of surviving improves if a patient is treated within the first hour. The equivalent applies to security. Losses can be dramatically reduced with faster, precise detection and automated remediation. In 60% of cases, attackers can compromise an organisation within minutes (2015 Verizon DBIR), and 75% of attacks spread from ‘patient zero’ within 24 hours (Gartner, May 2015: Best Practices for Detecting and Mitigating Advanced Persistent Threats). In order to defend against this, organisations must minimise the time between network penetration and threat containment and remediation.

Skills shortage: Overwhelmed security practitioners are struggling in the face of exponentially growing threat complexity, with over 400 000 new malicious programs identified every day (AV-Test.org). Plus, people who offer the magic combination of skills (including environment knowledge, depth of technical expertise, and knowledge of business priorities) are hard to find, hire and retain. In fact, 66% of organisations in a recent SANS Institute survey said that skills and people shortages were the top impediment to incident response.

So what’s the solution?

Protect: Comprehensive prevention lets users be more productive while blocking the most pervasive attacks and disrupting never-before-seen techniques and payloads. With the right tools, we can reduce security fragmentation, automate operational tasks, and enhance capabilities to combat attacks more effectively with less effort. A hybrid, integrated system brings together a dynamic endpoint of anti-malware, data protection and web security controls with virtualised data centre security infrastructure and centralised management.

Detect: Since no single analysis or intelligence source can detect sophisticated attacks, advanced monitoring and tiered analysis works to identify anomalous behaviour, catching low-threshold attacks that would otherwise go unnoticed. Ultimately this helps us detect, contain and resolve more issues with far less damage. Better insight produces higher confidence in less time. We can also integrate data and tools so they collaborate in real time for faster investigation of and response to events.

Correct: Facilitated triage and response lets teams prioritise threats, assisting speedy investigation and remediation for both endpoint and the cloud. A broad visibility and integrated management environment can facilitate self-learning – to keep evolving the threat defence lifecycle for higher effectiveness. Cloud-first management simplifies the environment, while making it easier to enhance protections and policies.

We are heading towards a ubiquity of connected devices – an estimated 200 billion by 2020, according to forecasting by Intel. With that saturation, a piecemeal approach to security will become overwhelmingly resource-heavy. By automating aspects of your security implementation, and sharing real-time data across security implementations, you can free up your skilled people to deal with the real high-level threats.

This is the driver behind our ‘Did you know?’ campaign that offers clients a critical competitive advantage through integrating different types of security. Take the quiz ( http://getconnected.intelsecurity.com/en/quiz/start ) to assess your knowledge of current threats and trends in IT security, or read more about these topics and solutions here ( http://getconnected.intelsecurity.com)





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Identity is a cyber issue
Access Control & Identity Management Information Security
Identity and access management telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations.

Read more...
Federated identity orchestration
Technews Publishing SMART Security Solutions Editor's Choice Access Control & Identity Management Security Services & Risk Management AI & Data Analytics
Understanding exactly who resides at the end of a digital device is key, and simple identity number verification by the Department of Home Affairs is no longer a viable solution on its own.

Read more...
Identity and authentication
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security Security Services & Risk Management
Identity authentication is a crucial aspect of both physical security and cybersecurity. SMART Security Solutions obtained insights into the topic and the latest developments from three companies.

Read more...
Here’s to a SMART 2025
SMART Security Solutions Editor's Choice News & Events
This is the final news brief from SMART Security Solutions for 2024, and the teams would like to take this opportunity to thank our readers, advertisers and partners and wish everyone a safe and secure festive season.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
SA company develops world-first safe K9 training for drug detection
Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Autonomous healing systems are the future
Infrastructure Information Security AI & Data Analytics
Autonomous healing software, an emerging technology, is gaining traction for its potential to transform how organisations manage software maintenance, security, and system performance.

Read more...
AI-powered automation for an operational efficiency edge
Editor's Choice AI & Data Analytics IoT & Automation
In the fast-moving world of digital transformation, businesses are under immense pressure to accelerate their operations and adapt quickly to stay competitive in an era dominated by AI and technological advancements.

Read more...
Elvey to distribute Tiandy
Elvey Security Technologies Editor's Choice Surveillance News & Events
Tiandy’s presence in South Africa was boosted in November with the announcement that Elvey Security Technologies will distribute a broad range of Tiandy equipment through its channel partners and provide project assistance.

Read more...
Standards for fire detection
SAQCC (Fire) Editor's Choice Fire & Safety Associations
With the increased number of devastating fires reported throughout South Africa, adequate and suitable fire detection cannot be overstated. SAQCC Fire will publish a series of articles in SMART Security Solutions to provide insight into fire detection requirements and importance.

Read more...