Integrated security key

April 2016 Editor's Choice, Cyber Security

The trends and threats encountered by South African companies are largely those of our global counterparts, but our priorities show a misalignment. In fact, market intelligence firm, IDC, predicts that IT security spending in SA will lag behind the actual importance and impact of this strategic imperative, leaving local companies potentially vulnerable. Organisations face multiple challenges in today’s threat landscape. Specifically, the siloed nature of implemented technologies, a lack of overall visibility, and increasingly sophisticated targeted attacks are all potential vulnerabilities in the overall cyber resilience of organisations.

Trevor Coetzee, Intel Security.
Trevor Coetzee, Intel Security.

In 2014, US-based retailer, Target, learnt this the hard way, when malware led to the leak of millions of customers’ credit card details. It’s not that the breach wasn’t detected by the company, but that the alerts failed to prompt either an automatic response or even a manual response. The failure resulted in a huge knock in profits, and massive reputational damage. Could this happen locally? Absolutely. The malware here was described as ‘unsophisticated and uninteresting’, but it was their inability to respond that let Target down.

So, if Target, with all the resources of a huge US retailer, can fall victim, how can a South African company expect to avoid the same fate? A quick audit of your organisational preparedness can help identify pitfalls, and an integrated and multi-layered approach will help you plug them.

What are the threats?

A patchwork of solutions: Companies are dealing with dozens of individual niche security vendors offering single point solutions. Often these operate in functional silos with no intelligence-sharing, preventing infrastructure-wide visibility for real-time detection of threats. This fragmented environment leads to gaps in protection and poor visibility, which drives up the time and manual processes needed to move from discovery to remediation.

Speed of response: There is a concept in emergency medicine of the ‘golden hour’. The probability of surviving improves if a patient is treated within the first hour. The equivalent applies to security. Losses can be dramatically reduced with faster, precise detection and automated remediation. In 60% of cases, attackers can compromise an organisation within minutes (2015 Verizon DBIR), and 75% of attacks spread from ‘patient zero’ within 24 hours (Gartner, May 2015: Best Practices for Detecting and Mitigating Advanced Persistent Threats). In order to defend against this, organisations must minimise the time between network penetration and threat containment and remediation.

Skills shortage: Overwhelmed security practitioners are struggling in the face of exponentially growing threat complexity, with over 400 000 new malicious programs identified every day (AV-Test.org). Plus, people who offer the magic combination of skills (including environment knowledge, depth of technical expertise, and knowledge of business priorities) are hard to find, hire and retain. In fact, 66% of organisations in a recent SANS Institute survey said that skills and people shortages were the top impediment to incident response.

So what’s the solution?

Protect: Comprehensive prevention lets users be more productive while blocking the most pervasive attacks and disrupting never-before-seen techniques and payloads. With the right tools, we can reduce security fragmentation, automate operational tasks, and enhance capabilities to combat attacks more effectively with less effort. A hybrid, integrated system brings together a dynamic endpoint of anti-malware, data protection and web security controls with virtualised data centre security infrastructure and centralised management.

Detect: Since no single analysis or intelligence source can detect sophisticated attacks, advanced monitoring and tiered analysis works to identify anomalous behaviour, catching low-threshold attacks that would otherwise go unnoticed. Ultimately this helps us detect, contain and resolve more issues with far less damage. Better insight produces higher confidence in less time. We can also integrate data and tools so they collaborate in real time for faster investigation of and response to events.

Correct: Facilitated triage and response lets teams prioritise threats, assisting speedy investigation and remediation for both endpoint and the cloud. A broad visibility and integrated management environment can facilitate self-learning – to keep evolving the threat defence lifecycle for higher effectiveness. Cloud-first management simplifies the environment, while making it easier to enhance protections and policies.

We are heading towards a ubiquity of connected devices – an estimated 200 billion by 2020, according to forecasting by Intel. With that saturation, a piecemeal approach to security will become overwhelmingly resource-heavy. By automating aspects of your security implementation, and sharing real-time data across security implementations, you can free up your skilled people to deal with the real high-level threats.

This is the driver behind our ‘Did you know?’ campaign that offers clients a critical competitive advantage through integrating different types of security. Take the quiz ( http://getconnected.intelsecurity.com/en/quiz/start ) to assess your knowledge of current threats and trends in IT security, or read more about these topics and solutions here ( http://getconnected.intelsecurity.com)





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Axis gives a brighter future to children
Issue 1 2020, Axis Communications SA , Editor's Choice
Fully networked camera solution provides visibility and accountability, letting orphanage focus on what’s important – its children.

Read more...
SFP Security & Fire becomes ISF SFP
Issue 1 2020, ISF SFP , Editor's Choice
SFP Security & Fire was sold to ISF in 2019, becoming ISF SFP and attaining Level-1 BEE status.

Read more...
Janu-worry or Twenty-Plenty?
Issue 1 2020 , Editor's Choice
If the available security spend right now is somewhere between limited and non-existent, here are just a few suggestions.

Read more...
CCTV surveillance needs are critical in defining types of camera deployment
Issue 1 2020, Leaderware , Editor's Choice
Cameras by themselves do not reduce crime; they need to be implemented as part of a considered strategy of crime prevention and detection.

Read more...
Trends 2020
Issue 1 2020, Technews Publishing , Editor's Choice
Hi-Tech Security Solutions asked a few people from diverse companies to join us in a round-table discussion about what they expect to see happening in their environments in the coming year.

Read more...
Seven key trends for 2020
Issue 1 2020, Hikvision South Africa , Editor's Choice
Hikvision looks at a few trends that will affect the security industry in 2020 and beyond.

Read more...
Hundreds of millions to reskill
Issue 1 2020 , Editor's Choice
By 2022 alone, 75 million jobs will probably be displaced across 20 major economies, while 133 million new ones will spring up in industries that are only just gaining traction.

Read more...
Slow and steady wins the access race
Issue 1 2020, ZKTeco, Technews Publishing , Editor's Choice, Commercial (Industry)
The commercial sector is slow in migrating to new access control technologies, with the majority of companies remaining with card and fingerprint solutions.

Read more...
Client property access integrity
Issue 1 2020 , Editor's Choice
Blind or unquestioned trust is something that we all seem to willingly and unconditionally give our security service providers and their reaction officers.

Read more...
2020 Residential Estate Security Conference in KZN
November 2019, Technews Publishing , Editor's Choice
Meeting the residential security challenges in 2020 and beyond: Hi-Tech Security Solutions will host the Residential Estate Security Conference 2020 in Durban on 12 March 2020.

Read more...