Technology is not a silver bullet

April 2016 Information Security

Cyber security is no longer an IT problem but rather an organisational priority. It has become such a serious issue that it costs businesses money, compromises its information and customer data and causes reputational damage. Unfortunately, there is no silver bullet against cyber onslaughts and implementing the right technology won’t cut it.

Fred Mitchell.
Fred Mitchell.

Granted, technology is important, however, in order to implement a strong line of defence, organisations need a change in mindset. The belief that ‘it won’t happen to me’ is not only outdated, but dangerous, as there is no organisation that is safe in today’s digital world.

The reality is enterprises of all sizes need proactive, intelligence-based solutions plus the relevant expertise to develop comprehensive strategies to detect, remove and remediate threats.

Preventing ‘volume fatigue’

One of the biggest challenges with traditional alert-based security solutions is that the sheer volume of threats, attacks and potential threat events has become overwhelming. Organisations receive hundreds, if not thousands, of alerts on a daily basis, many of which are false positives – this is often a tactic of cyber criminals as they test an organisation’s defences.

Realistically it is impossible to adequately address each and every alert, which leads to a state of ‘alert fatigue’ where legitimate threat events are missed. While there are technologies available for event management that can reduce these numbers, the challenge lies in determining which alerts are important and which are not.

A lack of intelligence relevant to the alerts means that while organisations are bogged down trying to sift through thousands of alerts, attackers can slip a true threat through the defences.

The sophistication challenge

Cyber threats are becoming more advanced, persistent and targeted than ever before, in retaliation to increasingly sophisticated security systems. The recent slew of ransomware attacks, such as TeslaCrypt and its various versions, confirm the sheer tenacity of today’s cyber criminals.

Intelligence-based systems help organisations move from a reactive defence to a more proactive approach. These systems utilise information on attack trends relative to industry, market sector and more, and along with real, current and trending data to understand the tactics, tools and procedures of malware and threat actors.

Only by understanding the tactics, procedures and code that attackers use, rather than the specifics of an attack, can they be detected before they cause too much damage.

In addition, organisations need to have intelligence around other enterprises’ responses to threats and what happens once they are breached, in order to benefit from existing experience around these threats. Furthermore, organisations have to implement solutions that will proactively search for vulnerabilities, to ensure that they can be fixed before they come under attack.

In today’s world, threats are specifically crafted so that they do not trigger alerts in order to ensure maximum chances of infiltrating an organisation’s defences. Enterprises therefore need to be able to detect general types of attacks, rather than specific attack signatures.

Without the ability to dynamically analyse malicious code, or a reliance on known, signature-based attacks, organisations are left vulnerable. However, technology is not a silver bullet solution, as enterprises need intelligence and strategy as well as expertise to detect existing breaches, contain them, remediate and close vulnerabilities.

Early detection is essential, and a multi-faceted approach is key. Businesses need tools that combine intelligence to detect real threats early on in their lifecycle with the ability to develop a complete strategy for dealing with malware and other security breaches.

For more information contact Drive Control Corporation, +27 (0)11 201 8927, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Identity is a cyber issue
Access Control & Identity Management Information Security
Identity and access management telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations.

Read more...
Identity and authentication
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security Security Services & Risk Management
Identity authentication is a crucial aspect of both physical security and cybersecurity. SMART Security Solutions obtained insights into the topic and the latest developments from three companies.

Read more...
From QR code to compromise
Information Security News & Events
A new attack vector involves threat actors using fraudulent QR codes emailed in PDF attachments to bypass companies' phishing security measures by requiring users to scan the code with their mobile phones.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
Vodacom Business unveils new cybersecurity report
Information Security IoT & Automation
Cybersecurity as an Imperative for Growth offers insights into the state of cybersecurity in South Africa, the importance of security frameworks in digital resilience and the latest attack methods adopted by cyberattackers.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
Cybersecurity needs 4,7 million professionals
Information Security
Despite all the efforts organisations worldwide put into preventing cyberattacks, global cybercrime has snowballed to $9,2 trillion in 2024 and is expected to grow by another 70% to $15,6 trillion by the end of a decade.

Read more...
Autonomous healing systems are the future
Infrastructure Information Security AI & Data Analytics
Autonomous healing software, an emerging technology, is gaining traction for its potential to transform how organisations manage software maintenance, security, and system performance.

Read more...