classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018


New defence approaches required
November 2018, Cyber Security

The world is witnessing a proliferation of global malware and other cyber-attacks, with the number of breaches escalating. Coupled with this the growth in the value of crypto currencies is creating new areas of vulnerability and making the move from physical to digital even more pronounced.

In this rapidly evolving environment, we cannot expect traditional security strategies to remain effective.

Traditionally the key fundamentals of security have been firewalls, IDS and anti-virus. But escalating data breaches illustrate that focusing on these basics alone is no longer effective.

2019 must be the year for enhanced visibility, regardless of where a company’s perimeter is located. The days of single breakouts and in-house applications are over; therefore, the future-proof strategy must expand the definition of the ‘boundary’ beyond physical buildings and defending against external threats. Now, the perimeter must look both ways to protect against threats from the inside where a massive hole could be waiting to be exploited.

Visibility is top of the priority list in the world of the cloud

Security must take into account who and what is already within the confines of the environment, asking what users do with information and how they are accessing applications. It must take into account that users access business systems remotely, and that critical systems and data are now stored, accessed and created out in the cloud.

Business must focus its cybersecurity strategies on delivering full visibility across all business systems. Information security must ensure that it knows what behaviours are taking place across both its physical and virtual environments. Visibility makes it possible to respond with speed to potential breaches as indicated by behavioural changes or anomalies.

Effective monitoring with the ability to instantly respond will eliminate down time and ensure ongoing business operations and the capability of securing your businesses in a digital world.

Crypto-mining attacks will form a massive part of the 2019 threat landscape

Mining is the process of adding transaction records to Bitcoin's public ledger of past transactions - a ‘mining rig’ is a colloquial term for a single computer system that performs the necessary computations for ‘mining’.

In this instance the attacker deploys a piece of malware that uses the infected machine’s processing capacity to run calculations to mine crypto currency. There are miners for different types of crypto currency, including newer ones as these require fewer calculations. The modern crypto miner has built-in intelligence which stops working when the user is logged in and performing their normal work. When they are idle or away from their machine, the crypto miner kicks in once again.

Therefore without adequate monitoring on what is really running on your machines, these attacks can go undetected for very long periods.

Ransomware attacks will continue, but due to better backup and recovery planning this is not as effective as in the past. A crypto miner starts to generate revenue for the attacker from day 1 and for as long as it is not detected. This is also very simple for unmonitored insiders to deploy themselves. I think this will be a massive part of 2019 threat landscape.

Organisations need to work on the Assume Compromise principle. You need to understand that security layers will fail, firewalls will miss attacks, end point protection will fail and users will compromise the systems in place. With visibility, you understand what is normal – what needs to be improved is the capacity of organisations to identify what is different.

Attacks will continue to grow because attack tools are more readily available and almost all attackers are unsophisticated and simply by continually doing the basics and having effective monitoring you will be able to stop almost all of these. It is imperative to make your attack surface smaller.

John Mc Loughlin, CEO, J2 software.
John Mc Loughlin, CEO, J2 software.

The biggest risk in 2019 remains the same – Users!

The busy modern, hyper-connected user can and will compromise your environment, most of the time by accident. The user is where the biggest real risk sits, but the modern user cannot work with traditional ‘lock and block’ scenarios. 2019 strategic trends should see users being brought into the picture by providing them with the power to identify and help prevent cyber-attacks.

In 2019 the forward-looking cyber security plans must do everything possible to empower the user to fight against cyber-attacks. Utilising effective technology to provide you and your users with full visibility into risky activity and immediately identify anomalies will be the key to staying un-breached throughout 2019.

For more information contact J2 Software, +27 87 238 1870, john@j2.co.za, www.j2.co.za


Credit(s)

Tel: +27 11 794 1096
Fax: 086 619 3563
Email: info@j2.co.za
www: www.j2.co.za
Articles: More information about J2 Software

  Share via Twitter   Share via LinkedIn      

Further reading:

  • When cybercrime affects health and safety
    April 2019, This Week's Editor's Pick, Cyber Security
    The threat of a category-one cyber-attack is that everything could seem right – the readings on the meter could be fine, checklists would be followed, and equipment would work – yet danger could still unfold.
  • New service to fight cybersecurity threats to African banks
    April 2019, Cyber Security
    Foregenix is launching a service to combat the new and growing breed of cyber-attacks on African banks.
  • Cyber/physical perils in hospitality
    April 2019, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security, Entertainment and Hospitality (Industry)
    How can we prepare for our holidays and avoid becoming the victim of a scam or data breach?
  • Cloud and mobile deployments are the weakest links
    April 2019, Check Point South Africa, Cyber Security
    Report highlights the cloud and mobile attack vectors used to target enterprises: nearly one in five organisations experienced a cloud security incident in the past year.
  • Rethink security priorities
    April 2019, News, Cyber Security
    Cryptocurrency mining is up 237%, phishing attacks increase by 269%, business email compromise attacks have gone up by 28%.
  • New supply chain attack
    April 2019, Kaspersky Lab, Cyber Security
    Kaspersky Lab has uncovered a new advanced persistent threat (APT) campaign that has affected a large number of users through what is known as a supply chain attack.
  • Overcoming the 2019 cyberthreat
    April 2019, IT infrastructure, Cyber Security
    The flexibility of remote working is good, however, the wider a network perimeter has to stretch, the more scope exists for security breaches.
  • Halt, who goes there?
    March 2019, Technews Publishing, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security
    As long as organisations treat their physical and cyber domains as separate, there is little hope of securing either one.
  • IoT is convergence in action
    March 2019, Gijima Electronic and Security Systems (GESS), NEC XON, Technews Publishing, Axiz, G4S South Africa, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
    The Internet of Things gains more than enough attention these days, but the IoT demonstrates the reality of the convergence between the physical and cyber worlds, and physical security is part of it.
  • Stop hacking of access control ­systems
    March 2019, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security
    Think someone hacking your access control system not a big deal? Scott Lindley suggests that you think again.
  • New cybersecurity pavilion for Securex 2019
    March 2019, Securex South Africa , This Week's Editor's Pick, Cyber Security, News, Conferences & Events, Training & Education
    Securex South Africa 2019 has announced that 4Sight Technologies, a subsidiary of an international holdings company focusing on investing in Industry 4.0 companies, has signed on as the official sponsor ...
  • Security by design
    March 2019, Johnson Controls, Cyber Security, Integrated Solutions
    The security of the platforms on which physical security products are built will increasingly impact purchase decisions and market positions.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.