Integrated security key

April 2016 Editor's Choice, Information Security

The trends and threats encountered by South African companies are largely those of our global counterparts, but our priorities show a misalignment. In fact, market intelligence firm, IDC, predicts that IT security spending in SA will lag behind the actual importance and impact of this strategic imperative, leaving local companies potentially vulnerable. Organisations face multiple challenges in today’s threat landscape. Specifically, the siloed nature of implemented technologies, a lack of overall visibility, and increasingly sophisticated targeted attacks are all potential vulnerabilities in the overall cyber resilience of organisations.

Trevor Coetzee, Intel Security.
Trevor Coetzee, Intel Security.

In 2014, US-based retailer, Target, learnt this the hard way, when malware led to the leak of millions of customers’ credit card details. It’s not that the breach wasn’t detected by the company, but that the alerts failed to prompt either an automatic response or even a manual response. The failure resulted in a huge knock in profits, and massive reputational damage. Could this happen locally? Absolutely. The malware here was described as ‘unsophisticated and uninteresting’, but it was their inability to respond that let Target down.

So, if Target, with all the resources of a huge US retailer, can fall victim, how can a South African company expect to avoid the same fate? A quick audit of your organisational preparedness can help identify pitfalls, and an integrated and multi-layered approach will help you plug them.

What are the threats?

A patchwork of solutions: Companies are dealing with dozens of individual niche security vendors offering single point solutions. Often these operate in functional silos with no intelligence-sharing, preventing infrastructure-wide visibility for real-time detection of threats. This fragmented environment leads to gaps in protection and poor visibility, which drives up the time and manual processes needed to move from discovery to remediation.

Speed of response: There is a concept in emergency medicine of the ‘golden hour’. The probability of surviving improves if a patient is treated within the first hour. The equivalent applies to security. Losses can be dramatically reduced with faster, precise detection and automated remediation. In 60% of cases, attackers can compromise an organisation within minutes (2015 Verizon DBIR), and 75% of attacks spread from ‘patient zero’ within 24 hours (Gartner, May 2015: Best Practices for Detecting and Mitigating Advanced Persistent Threats). In order to defend against this, organisations must minimise the time between network penetration and threat containment and remediation.

Skills shortage: Overwhelmed security practitioners are struggling in the face of exponentially growing threat complexity, with over 400 000 new malicious programs identified every day ( Plus, people who offer the magic combination of skills (including environment knowledge, depth of technical expertise, and knowledge of business priorities) are hard to find, hire and retain. In fact, 66% of organisations in a recent SANS Institute survey said that skills and people shortages were the top impediment to incident response.

So what’s the solution?

Protect: Comprehensive prevention lets users be more productive while blocking the most pervasive attacks and disrupting never-before-seen techniques and payloads. With the right tools, we can reduce security fragmentation, automate operational tasks, and enhance capabilities to combat attacks more effectively with less effort. A hybrid, integrated system brings together a dynamic endpoint of anti-malware, data protection and web security controls with virtualised data centre security infrastructure and centralised management.

Detect: Since no single analysis or intelligence source can detect sophisticated attacks, advanced monitoring and tiered analysis works to identify anomalous behaviour, catching low-threshold attacks that would otherwise go unnoticed. Ultimately this helps us detect, contain and resolve more issues with far less damage. Better insight produces higher confidence in less time. We can also integrate data and tools so they collaborate in real time for faster investigation of and response to events.

Correct: Facilitated triage and response lets teams prioritise threats, assisting speedy investigation and remediation for both endpoint and the cloud. A broad visibility and integrated management environment can facilitate self-learning – to keep evolving the threat defence lifecycle for higher effectiveness. Cloud-first management simplifies the environment, while making it easier to enhance protections and policies.

We are heading towards a ubiquity of connected devices – an estimated 200 billion by 2020, according to forecasting by Intel. With that saturation, a piecemeal approach to security will become overwhelmingly resource-heavy. By automating aspects of your security implementation, and sharing real-time data across security implementations, you can free up your skilled people to deal with the real high-level threats.

This is the driver behind our ‘Did you know?’ campaign that offers clients a critical competitive advantage through integrating different types of security. Take the quiz ( ) to assess your knowledge of current threats and trends in IT security, or read more about these topics and solutions here (

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The human factor side of video management systems
Leaderware Editor's Choice Surveillance Risk Management & Resilience
A video management system (VMS) is central to, and the most vital element to any control room operation using CCTV as part of its service delivery, however, all too often, it is seen as a technical solution rather than an operational solution.

Get the basics right to win more business
ServCraft Editor's Choice Risk Management & Resilience
The barriers to entry in security are not high. More people are adding CCTV and fencing to their repertoire every year. Cowboys will not last long in a space where customers trust you with their safety.

All aspects of data protection
Technews Publishing Editor's Choice Information Security Infrastructure AI & Data Analytics
SMART Security Solutions spoke to Kate Mollett, Senior Director, Commvault Africa, about the company and its evolution from a backup specialist to a full data protection specialist, as well as the latest announcements from the company.

Projections for 2024’s Advanced Threats Landscape
News & Events Information Security
Kaspersky Global Research and Analysis Team (GReAT) experts offer insights and projections for 2024 in the Kaspersky Security Bulletin, with a focus on the evolution of Advanced Persistent Threats (APT).

Global strength, local craft
Impro Technologies Editor's Choice
Impro Technologies is a resounding success story. Started in South Africa, the company remains true to its roots and still designs and manufactures its access control systems and solutions in the country.

Trellix detects collaboration by cybercriminals and nation states
News & Events Information Security
Trellix has released The CyberThreat Report: November 2023 from its Advanced Research Centre, highlighting new programming languages in malware development, adoption of malicious GenAI, and acceleration of geopolitical threat activity.

SA enterprises can benefit from AI-driven cybersecurity
AI & Data Analytics Information Security
Cybercrime is big business, and threat actors deploy cutting-edge tools to carry out attacks. Fortunately, cybersecurity is constantly evolving to meet and counter the threats they face.

South Africans play a role in becoming scam victims
Editor's Choice Risk Management & Resilience
The South African fraud landscape is becoming increasingly risky as fraudsters and scammers look to target individuals with highly sophisticated scams, in an environment where it is becoming increasingly difficult for lawmakers and authorities to bring these criminals to justice.

Africa Online Safety Fund announces grant winners
News & Events Information Security
The Africa Online Safety Fund (AOSF) has announced the winners of this year’s grants; among them are five organisations operating in South Africa to educate people about online risks.

Service orientation and attention to detail
Technews Publishing Editor's Choice Risk Management & Resilience
Lianne Mc Hendry evolved from working for an accounting firm to an accomplished all-rounder familiar with the manufacturing, distribution, and system integration aspects of the security industry value chain.