SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Security breaches: When, not if
Wed, 25th May 2016

Security breaches. It is no longer a matter of if a breach will happen, but when and how often.

That's the dark warning from Ixia, which says that as malware and security breaches threaten business security on a daily basis, the costs of fixing such attacks and wider system defects are rising.

Stephen Urquhart, general manager ANZ, Ixia, says businesses need to develop a 360-degree view of their network architecture to fight attacks and minimise breaches.

“It can be difficult for organisations to be on top of all relevant threats and potential security breaches. Companies that want to be secure cannot have a partial view of their business,” he explains.

“They need better detection and protection systems in place that provide visibility and a 360-degree perspective of the business.”

According to Urquhart, a four-step, 360-degree approach to network architecture provides the best security and visibility, leading to more efficient and effective operations:

1. Develop. Using network solutions providers, IT teams can generate realistic mixes of application and attack traffic to see how proposed designs fare, and scale, in live scenarios.

Stephen Urquhart said, “In 2016 we are likely to see new adaptations of malware, like KeRanger, that encrypt both computer and backup files. Businesses should act proactively and pressure test new networks or software programmes to ensure they are resilient to mutations of known malware.”

2. Train. Businesses must ensure their employees have the right skillsets to address every stage of the security life cycle. They need to know how to stress designs and configurations prior to production or network rollout, what to monitor for, and how to limit the network's attack surface. It is also wise to employ additional programmes that validate application performance and test against attack scenarios.

Stephen Urquhart said, “The malware, GozNym, recently targeted consumer interactions with banks to steal two-part authentication details and conduct fraudulent activity. If banks had commissioned more thorough testing of attack traffic in their mobile application conception and design stages it may have provided stronger resilience to this strain of malware.”

3. Monitor. Businesses need to keep their ROI high and the system back doors closed. Once a company's visibility architecture is in place, it must be monitored. You cannot secure what you cannot see.

The most recent large-scale malware attacks by Locky, GozNym and KeRanger, for example, could have been detected faster if organisations had 360-degree network visibility architecture in place. Monitoring should be conducted with a wide array of proactive and reactive tools.

4. Defend. Reducing the organisation's attack surface and maximising the security tools makes defence easier. Preventing unneeded and unwanted traffic from touching the network will reduce risk, minimise the cycles spent responding to attacks and save the security team from ‘alert overload’. Organisations can reduce human error as a key source of system vulnerability by adequately training employees and making sure they understand the cybersecurity policies.