SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Kiwis - too relaxed about cybercrime? Palo Alto tech ramps up NZ cybersecurity
Wed, 7th Jun 2017
FYI, this story is more than a year old

Are most New Zealand businesses simply too relaxed about cybercriminal activity?

An unseen threat, constantly evolving, and canny with disguise doesn't make it any less real.

Whilst quick to enjoy the benefits of doing business in a relatively unregulated economy, why do many Kiwis still ignore the real repercussions of not considering business continuity?

Current reports indicate that more than 100 New Zealand businesses a day experience some form of cyber-attack. Reports can be conservative, and generally are. For organisations without a robust and tested cyber-attack plan, a new day is a new minefield.

With mountains of data released into the cloud abyss daily, hourly, constantly, it can seem extremely daunting to try and keep up with the demands and maintain safety of vulnerable business data and intelligence.

At Network Service Providers this risk is taken very seriously. Combining great product, engineering nous, and nailing modern day security requirements makes for a great platform with which to fight back.

NSP's 33-step Risk Intelligence Audit process is an in depth dive into people's networks and a great first port of call.

When Andy Simpson, Head of IT for The Lines Company set out to upgrade current firewalls he was looking for “a platform that would give us a much more holistic approach to security”.

One of the biggest challenges Simpson and his team had to tackle was network security. Management of the company's firewalls was time consuming, and the IT team had to remediate security issues on a daily basis.

For a company that owns and operates electricity distribution spanning 4,500 kilometres in the rugged North Island with no major urban centre, understandably, the stakes were high to find a more robust solution.

Simpson's concerns were that their current firewalls lacked the necessary protection to block modern-day intrusions to the network. After going to market, The Lines Company decided on Palo Alto Networks product designed and deployed by Network Service Providers.

NSP got to work beginning with a Security Lifecycle Review. The Palo Alto firewall was placed on their network and run parallel with the original firewall allowing for full visibility and transparency of everything traversing their network. It quickly became apparent that all sorts of intrusions were corrupting it.

What really sold Simpson was the list of over 100 security infections that had been living within their environment for quite some time.

NSP have been instrumental in bringing Palo Alto technology to the NZ market, and Brent Addis, their senior network and security engineer says this technology is years ahead of its competition.

“We see security as a bit of an onion. Just as an onion has layers, so does company security”, says Addis, who is the first person in New Zealand to receive the Palo Alto Networks Jacket for completing all five exams of the partner certification security exams.

Addis goes on to explain the various onion layers; the outside layer being DNS, email, and all the “outside” services. The firewall layer protects both infiltration and exfiltration of your data.

The next layer being the all-important network segregation. Palo Alto are the first firewall brought to market to support full application visibility. Switching is the next layer.

What's significant is something called port isolation which prevents mass infection simply because one workstation is infected, and ensures no one workstation can talk to another, they have to go through the firewall. Next comes printer hacking. Yes, you heard right. Printers are being hacked.

“80% of the issues are created internally. Staff visiting obviously dodgy websites, phishing scams, staff plugging in USB sticks and hard drives”, says Addis.

All it takes is a misconfiguration and anyone driving down the street can find an open access point and they're on your network.

NSP's Risk Intelligence Audit is a simple streamlined step by step process that identifies a business' risk and exposure to sensitive data. By way of scanning and then point scoring the entire network a unique assessment is delivered plus a host of protective recommendations.

Next generation technologies dramatically assist in the prevention of constantly shifting cyber threats and provide a transparent and continuous view of company security. Regular updates, maintenance re-adjustments, and having the skills on hand of people who are thorough and experienced is crucial.

According to Andy Simpson, the move has virtually eliminated security infections. “A combination of a great product coupled with an effective business partner, Network Service Providers, has allowed TLC to realise significant security and operational gains.

“We have a long-standing relationship with Palo Alto Networks partner, NSP, and they have proven to be a very good technology partner for us”, says Simpson.

Hackers are incredibly smart. An alarming 60% of NZ businesses lack an incidence response plan, thus opening themselves to cybercrime. As a nation with a booming SME business community this spells… potential disaster.