Integrated security key

April 2016 Editor's Choice, Information Security

The trends and threats encountered by South African companies are largely those of our global counterparts, but our priorities show a misalignment. In fact, market intelligence firm, IDC, predicts that IT security spending in SA will lag behind the actual importance and impact of this strategic imperative, leaving local companies potentially vulnerable. Organisations face multiple challenges in today’s threat landscape. Specifically, the siloed nature of implemented technologies, a lack of overall visibility, and increasingly sophisticated targeted attacks are all potential vulnerabilities in the overall cyber resilience of organisations.

Trevor Coetzee, Intel Security.
Trevor Coetzee, Intel Security.

In 2014, US-based retailer, Target, learnt this the hard way, when malware led to the leak of millions of customers’ credit card details. It’s not that the breach wasn’t detected by the company, but that the alerts failed to prompt either an automatic response or even a manual response. The failure resulted in a huge knock in profits, and massive reputational damage. Could this happen locally? Absolutely. The malware here was described as ‘unsophisticated and uninteresting’, but it was their inability to respond that let Target down.

So, if Target, with all the resources of a huge US retailer, can fall victim, how can a South African company expect to avoid the same fate? A quick audit of your organisational preparedness can help identify pitfalls, and an integrated and multi-layered approach will help you plug them.

What are the threats?

A patchwork of solutions: Companies are dealing with dozens of individual niche security vendors offering single point solutions. Often these operate in functional silos with no intelligence-sharing, preventing infrastructure-wide visibility for real-time detection of threats. This fragmented environment leads to gaps in protection and poor visibility, which drives up the time and manual processes needed to move from discovery to remediation.

Speed of response: There is a concept in emergency medicine of the ‘golden hour’. The probability of surviving improves if a patient is treated within the first hour. The equivalent applies to security. Losses can be dramatically reduced with faster, precise detection and automated remediation. In 60% of cases, attackers can compromise an organisation within minutes (2015 Verizon DBIR), and 75% of attacks spread from ‘patient zero’ within 24 hours (Gartner, May 2015: Best Practices for Detecting and Mitigating Advanced Persistent Threats). In order to defend against this, organisations must minimise the time between network penetration and threat containment and remediation.

Skills shortage: Overwhelmed security practitioners are struggling in the face of exponentially growing threat complexity, with over 400 000 new malicious programs identified every day (AV-Test.org). Plus, people who offer the magic combination of skills (including environment knowledge, depth of technical expertise, and knowledge of business priorities) are hard to find, hire and retain. In fact, 66% of organisations in a recent SANS Institute survey said that skills and people shortages were the top impediment to incident response.

So what’s the solution?

Protect: Comprehensive prevention lets users be more productive while blocking the most pervasive attacks and disrupting never-before-seen techniques and payloads. With the right tools, we can reduce security fragmentation, automate operational tasks, and enhance capabilities to combat attacks more effectively with less effort. A hybrid, integrated system brings together a dynamic endpoint of anti-malware, data protection and web security controls with virtualised data centre security infrastructure and centralised management.

Detect: Since no single analysis or intelligence source can detect sophisticated attacks, advanced monitoring and tiered analysis works to identify anomalous behaviour, catching low-threshold attacks that would otherwise go unnoticed. Ultimately this helps us detect, contain and resolve more issues with far less damage. Better insight produces higher confidence in less time. We can also integrate data and tools so they collaborate in real time for faster investigation of and response to events.

Correct: Facilitated triage and response lets teams prioritise threats, assisting speedy investigation and remediation for both endpoint and the cloud. A broad visibility and integrated management environment can facilitate self-learning – to keep evolving the threat defence lifecycle for higher effectiveness. Cloud-first management simplifies the environment, while making it easier to enhance protections and policies.

We are heading towards a ubiquity of connected devices – an estimated 200 billion by 2020, according to forecasting by Intel. With that saturation, a piecemeal approach to security will become overwhelmingly resource-heavy. By automating aspects of your security implementation, and sharing real-time data across security implementations, you can free up your skilled people to deal with the real high-level threats.

This is the driver behind our ‘Did you know?’ campaign that offers clients a critical competitive advantage through integrating different types of security. Take the quiz ( http://getconnected.intelsecurity.com/en/quiz/start ) to assess your knowledge of current threats and trends in IT security, or read more about these topics and solutions here ( http://getconnected.intelsecurity.com)





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

2024 Southern Africa OSPAs winners announced
Editor's Choice
The 2024 Southern Africa Outstanding Security Performance Awards (OSPAs) winners were revealed on Tuesday, June 11th, at the Securex South Africa Seminar Theatre hosted by SMART Security Solutions.

Read more...
AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

Read more...
Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

Read more...
NEC XON shares lessons learned from ransomware attacks
NEC XON Editor's Choice Information Security
NEC XON has handled many ransomware attacks. We've distilled key insights and listed them in this article to better equip companies and individuals for scenarios like this, which many will say are an inevitable reality in today’s environment.

Read more...
The future of digital identity in South Africa
Editor's Choice Access Control & Identity Management
When it comes to accessing essential services, such as national medical care, grants and the ability to vote in elections to shape national policy, a valid identity document is critical.

Read more...
Do you need a virtual CIO?
Editor's Choice News & Events Infrastructure
If you have a CIO, rest assured that your competitors have noticed and will come knocking on their door sooner or later. A Virtual CIO service is a compelling solution for businesses navigating tough economic conditions.

Read more...
AI-enabled tools reducing time to value and enhancing application security
Editor's Choice
Next-generation AI tools are adding new layers of intelligent testing, audit, security, and assurance to the application development lifecycle, reducing risk, and improving time to value while augmenting the overall security posture.

Read more...
Perspectives on personal care monitoring and smart surveillance
Leaderware Editor's Choice Surveillance Smart Home Automation IoT & Automation
Dr Craig Donald believes smart surveillance offers a range of options for monitoring loved ones, but making the right choice is not always as simple as selecting the latest technology.

Read more...
AI enables security solutions to define business strategies
Regal Distributors SA Editor's Choice
While allowing technologies to do exactly what they should do with even more efficiency and precision, AI is also empowering these same technologies to break through their traditional boundaries and create an ecosystem where one interface delivers outcomes across highly segmented verticals.

Read more...
Putting cyber into surveillance
Dallmeier Electronic Southern Africa Cathexis Technologies Technews Publishing Editor's Choice
Cybersecurity has become an essential part of the physical security industry. However, unlike other IoT technologies, of which security products are a part, surveillance technologies have more to protect.

Read more...