Story image

The new normal for digital security: inside information

04 Apr 2016

Traditional perimeter guards are no longer enough to guarantee network security, with defences that rely on machine learning and analytics the way forward.

That’s according to Wynyard Group, who says cyber security is moving away from focussing on the perimeter and machine learning and analytics to detect and stop attacks as they occur.

While still wholly necessary as a first line of defence, traditional perimeter guards, such as firewalls, are no longer enough to guarantee a network cannot be breached, the security firm says in a company blogpost.

“The chances are your network will be hacked – and it probably already has been,” Wynyard says.

“Hackers have long since learned to scale those walls. Some hack for fun, some for money and some just hack to make a point; it’s not difficult.”

What is difficult is working out when it happened and how to minimise the damage, the company says.

“Many organisations are now locked in a constant game of cat and mouse between their defenders and potential invaders.”

Prevention better than a cure

Wynyard says many organisations unfortunately cannot avoid storing people’s personal data and running large networks of proprietary information to keep operations going.

“The security of that information is paramount, with its vast amounts of personal identification details that could be stolen to commit fraud and network activities that, if disrupted, could spell disaster,” it says.

“Organisations such as the U.S. government’s Office of Personnel Management, which has apparently been hit by several breaches and lost countless records from background checks on job applicants including 5.6 million people’s fingerprints, highlight the importance of not only trying to prevent hackers getting in but also spotting them once they do,” Wynyard says. “And kicking them out before they can take what they came for.”

Failing to spot a network breach and allowing criminals time inside a network to look around and copy, move or delete data is ultimately a far greater expense than efficient cyber-security will ever be, the company explains.

“TalkTalk in the UK suffered customer data losses that will cost the telco millions of pounds to remedy as it joins fellow hacked organisations in arranging 12 months’ free identity theft checks for affected customers and other potential remedies,” Wynard says. “The company was criticised for elementary cyber-security oversights.

“And in Australia, although a network breach at Kmart was relatively contained, the infiltration of such a big-name retailer catapulted cyber-security into the spotlight, underlining the fact that just about every organisation is at risk and the costs can be high.”

Increasing automated analytics

According to Wynyard, the cyber security market has a growing audience of organisations becoming increasingly aware that, in the case of network security breaches, it’s not a matter of if but when.

“More and more are keen to work out just what the latest defensive actions are in this new landscape,” the company explains.

“It can seem a huge task to monitor vast networks and flows of traffic so the best approach is automated analytics, to take the human stress out of the equation.” 

Wynyard says there have been several digital developments to help reduce the number of databases falling prey to hackers. Products such as Open Network Insight (ONI) are helping – ONI is an open-source tool that monitors operational and security threats in datacentres.

In turn, it relies on Enterprise Data Hub, a platform that can collate an organisation’s various data resources and store them together, enabling unified analytics and other value-adding activity to be performed more succinctly.

“The rising demand for more sophisticated techniques to counter the damage caused by network breaches has also seen the growth and continuing development of cyber threat analytics solutions,” Wynyard says.

“New and emerging cyber analytics offer a ‘behavioural intelligence’ approach. The software platforms work within an organisation’s network, learning its normal traffic and activity patterns then watching for anomalous incidents that could indicate a breach.”

The software flags any such suspicion to the IT security team for further investigation as soon as it is detected, says the company.

“Using analytics support platforms, such as Wynyard’s Advanced Cyber Threat Analytics (ACTA) offering, is becoming ever more prominent as a go-to solution for inevitable network security breaches.

“Looking for, and acting upon, the information already available within your own network is the new normal in information security. It is rapidly becoming a real-time answer to keeping reputational and financial damage to a minimum.”

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.