
Security breaches: When, not if

25 May 2016

Security breaches. It is no longer a matter of if a breach will happen, but when and how often.

That’s the dark warning from Ixia, who says that as malware and security breaches threaten business security on a daily basis, the costs of fixing such attacks and wider system defects are rising.

Stephen Urquhart, general manager ANZ, Ixia, says businesses need to develop a 360-degree view of their network architecture to fight attacks and minimise breaches.

“It can be difficult for organisations to be on top of all relevant threats and potential security breaches. Companies that want to be secure cannot have a partial view of their business,” he explains.

“They need better detection and protection systems in place that provide visibility and a 360-degree perspective of the business.”

According to Urquhart, a four-step, 360-degree approach to network architecture provides the best security and visibility, leading to more efficient and effective operations:

1. Develop. Using network solutions providers, IT teams can generate realistic mixes of application and attack traffic to see how proposed designs fare, and scale, in live scenarios.

Stephen Urquhart said, “In 2016 we are likely to see new adaptations of malware, like KeRanger, that encrypt both computer and backup files. Businesses should act proactively and pressure test new networks or software programmes to ensure they are resilient to mutations of known malware.”

2. Train. Businesses must ensure their employees have the right skillsets to address every stage of the security life cycle. They need to know how to stress designs and configurations prior to production or network rollout, what to monitor for, and how to limit the network’s attack surface. It is also wise to employ additional programmes that validate application performance and test against attack scenarios.

Stephen Urquhart said, “The malware, GozNym, recently targeted consumer interactions with banks to steal two-part authentication details and conduct fraudulent activity. If banks had commissioned more thorough testing of attack traffic in their mobile application conception and design stages it may have provided stronger resilience to this strain of malware.”

3. Monitor. Businesses need to keep their ROI high and the system back doors closed. Once a company’s visibility architecture is in place, it must be monitored. You cannot secure what you cannot see.

The most recent large-scale malware attacks by Locky, GozNym and KeRanger, for example, could have been detected faster if organisations had 360-degree network visibility architecture in place. Monitoring should be conducted with a wide array of proactive and reactive tools.

4. Defend. Reducing the organisation’s attack surface and maximising the security tools makes defence easier. Preventing unneeded and unwanted traffic from touching the network will reduce risk, minimise the cycles spent responding to attacks and save the security team from ‘alert overload’. Organisations can reduce human error as a key source of system vulnerability by adequately training employees and making sure they understand the cybersecurity policies.
