
Security breaches: When, not if

25 May 16

Security breaches. It is no longer a matter of if a breach will happen, but when and how often.

That’s the dark warning from Ixia, which says that as malware and security breaches threaten business security on a daily basis, the costs of fixing such attacks and wider system defects are rising.

Stephen Urquhart, general manager ANZ, Ixia, says businesses need to develop a 360-degree view of their network architecture to fight attacks and minimise breaches.

“It can be difficult for organisations to be on top of all relevant threats and potential security breaches. Companies that want to be secure cannot have a partial view of their business,” he explains.

“They need better detection and protection systems in place that provide visibility and a 360-degree perspective of the business.”

According to Urquhart, a four-step, 360-degree approach to network architecture provides the best security and visibility, leading to more efficient and effective operations:

1. Develop. Using network solutions providers, IT teams can generate realistic mixes of application and attack traffic to see how proposed designs fare, and scale, in live scenarios.

Stephen Urquhart said, “In 2016 we are likely to see new adaptations of malware, like KeRanger, that encrypt both computer and backup files. Businesses should act proactively and pressure test new networks or software programmes to ensure they are resilient to mutations of known malware.”

2. Train. Businesses must ensure their employees have the right skillsets to address every stage of the security life cycle. They need to know how to stress designs and configurations prior to production or network rollout, what to monitor for, and how to limit the network’s attack surface. It is also wise to employ additional programmes that validate application performance and test against attack scenarios.

Stephen Urquhart said, “The malware, GozNym, recently targeted consumer interactions with banks to steal two-part authentication details and conduct fraudulent activity. If banks had commissioned more thorough testing of attack traffic in their mobile application conception and design stages it may have provided stronger resilience to this strain of malware.”

3. Monitor. Businesses need to keep their ROI high and the system back doors closed. Once a company’s visibility architecture is in place, it must be monitored. You cannot secure what you cannot see.

The most recent large-scale malware attacks by Locky, GozNym and KeRanger, for example, could have been detected faster if organisations had 360-degree network visibility architecture in place. Monitoring should be conducted with a wide array of proactive and reactive tools.

4. Defend. Reducing the organisation’s attack surface and maximising the security tools makes defence easier. Preventing unneeded and unwanted traffic from touching the network will reduce risk, minimise the cycles spent responding to attacks and save the security team from ‘alert overload’. Organisations can reduce human error as a key source of system vulnerability by adequately training employees and making sure they understand the cybersecurity policies.
