[BreachExchange] Evolving Cyber Threats, Be Responsive To Defend
Audrey McNeil
audrey at riskbasedsecurity.com
Thu Jul 27 19:24:06 EDT 2017
http://www.cxotoday.com/story/evolving-cyber-threats-be-
responsive-to-defend/
Datacenters, cloud, mobility and ease of accessing data makes human life
more and more simpler and faster for their actions. Enterprises are keep
moving their applications to cloud, access them through mobile and apps to
have them always connected. This indicates digital traffic continues to
increase as we sprint into the Zettabyte Era, where predications are data
will triple in three years. By 2020, wireless and mobile device traffic
will account for two-thirds of total global IP traffic where average
internet bandwidth demand is almost doubled to enterprises.
The data volumes are exploding, more data has been created in the past few
years than in the entire previous history of digital universe. Some of
these data is critical and stored in large volumes, processed with big data
analytics to convert meaningful information. This is getting used to drive
business in various health cares, finance, banking and insurance industries.
Data becomes key for enterprises and that creates the multiple risks while
storing and accessing it for their needs. Large amount of efforts invested
to protect data and steps are taken for holistic security of critical
infrastructure. Organizations are discovering first-hand about the
devastating impact that a security breach can have: operational disruption,
lost customers, missed opportunity, a hit to their brand reputation, and in
some cases, declining revenue.
If we realize other side of critical data growth, the competition creates
added data demand and then increasing targeted attacks of Critical
Organizational Infrastructure. The world is experiencing a shift in the
threat landscape with different strains of malware attacking network
systems every day. The Advance threats s, zero-day attacks and ransomware
are now common words in security industry and CISO’s are finding ways to
deal with it. The attacks that organizations are dealing with are motivated
simply by money. Cybercriminals have developed a business model to
distribute their attacks across the widest set of targets, often using
pre-packaged tools or services readily available on the dark web at small
cost. It is so simple, to create threat anyone can buy up till 5 Gb DDoS
attack in $5 to $10 cost to bring website down form this world.
Malicious actors are taking advantage of expanding attack surfaces and
evolving tactics to keep their windows of opportunity open. When they
succeed, CXO’s comments, the results are apparent, quantifiable, and costly.
Traditional security models are moving towards advanced security.
Prediction is over the next few years, cyber security will evolve. But in
what ways? Will the balance of the cyber war change, or will hackers still
reign supreme?
With the threat of cybercrime showing no signs of abating, cyber security
defenses will use more intelligence, big data analysis and machine learning
to convergence of security-related data at network layers, correlate to
identify threats and work proactively to expose and relate the full
operation of new cyber-attack campaigns. Security administration and their
systems need to have comprehensive visibility to spot potential cyber
threats and to successfully defend against them. Without recording the
data, they are flying blind. Without correlating data from different
sources, it is impossible to identify complex patterns.
Today’s deployed security at various layer systems and inability to
integrate them to converge security data is big challenge in front of
CXO’s. Though security OEMs are advancing their technologies, integration
with others is not happening. There is no mutual unity between vendors and
development to bring open security threat intelligence to beat cyber
threats. I have come across seeing thousands of cyber-attacks originating
to and from organization when products deployed, but hardly see action on
them from same product. This is heavily impacting organizations to protect
current investments and make them keep investing more. Security budgets are
focused and larger part of the entire budget. Data security review and
breach reports are part of the board meetings.
So how to defeat this situation? My personal view is organizations must
keep evaluating next generation security systems, see what is best value
for investment but still they can focus what is in their control.
- Make initial base of Information Security management services
(ISMS) controls, get it effectively implemented and measure effectiveness
to improve.
- IT security skills are embedded into their organization for the
foreseeable future, increased need for internal training and development
opportunities (awareness) for them and employee both.
- Keep track of access control and information handling so that
rights on information is managed, data cannot be leaked in read and write
format. Critically identified data should be physically secured, segregated
and backed up for restoration.
- Integrate each device with log management (SIEM) tool and deploy
correlation to notice and review them to action.
- Regular internal and third party audits are integral part of
organizational process to assess maturity of information security policies
and improve them better, focus and get them done and keep improving.
- Get periodic VA and PT done on infrastructure and assess report to
mitigate them. look for non-patched and newly detected vulnerabilities;
patch, scan… patch, scan…. and patch them.
- Finally, and most important – We cannot predict and prevent all
threats. Look and invest in security incident response and see how strong
you can make it responsive post detect and protect data.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170727/690c924f/attachment.html>
More information about the BreachExchange
mailing list