[BreachExchange] User lock-down or education? Cybersecurity issues in a rapidly evolving landscape

Audrey McNeil audrey at riskbasedsecurity.com
Tue Jan 23 10:44:08 EST 2018


According to the recent PwC report, The Global State of Information
Security Survey 2018, companies around the globe are becoming more reliant
on cyber capabilities and this means that, in turn, they must also
recognise and manage the associated risks, or make themselves vulnerable to
large-scale events with significant disruptive consequences.

Anton Jacobsz, managing director at Networks Unlimited South Africa, says,
“There has been so much evolution in this arena that the cybersecurity of
the old days is not the security of today, when we have so many different
teams looking at so many angles of the data. Right across the security
network, solutions need to be based on next-generation thinking, such as
authentication, finger printing and the two-token system. The market needs
to understand that threats do not come only from the outside – advanced
threats also attack from the inside.

“Security today does not mean just your firewall – we need to think about
the impact of applications security, Distributed Denial of Service (DDoS)
mitigation and entry points into your network through e-mails and Wi-Fi,
for example. There is a need to cover entry points and exit points: your
perimeter means nothing if you don’t have security monitoring traffic to
and from the edges. This raises issues such as, ‘Do you lock down your
users or educate them?’ and so it can be seen that there is no one solution
to the issue of cybersecurity.”

Jacobsz says security experts need to have a dual strategy: one for the
network edge and one for the data centre. “However, these were not built to
integrate and so bottlenecks are created with a two-phased security at both
the edge and the core. You are also dealing with more than one vendor and
this brings a multi-phase defence, and the need to continuously evaluate
your environment. We also have to look at issues such as capex vs opex
models in servicing, and what products to use and how to fund them.

“From a trend perspective, Gartner has predicted that in time, we’ll see
mergers and acquisitions resulting in just three or four big security
vendors, selling hosted services and offering massive data centres and very
large teams in order to provide those services. Another trend that we see
in the future is the ongoing rise of digitisation and the Internet of
Things (IoT), and with it the mindset of instant consumption from your
consumer-based clients. In turn, this means that from a security
perspective, you need to know what you want to secure, and where. For
example, a bank needs to be able to secure everything on the network to
make it unappealing to the would-be thief.

“Finally, I think the biggest trend we will see in our market in the next
two years is the onset of requirements around the Protection of Personal
Information Act (PoPI), and how this legislation is set to change what
businesses can do with customer and corporate data.”

Under PoPI, any business that holds customer or client data is responsible
for securing that information. In order to prevent confidential personal
information from being stolen or compromised, companies must ensure that
they have put in place technical measures to protect the information that
exists within the organisation, such as network firewalls, disk encryption
for all hard drives, antivirus and anti-phishing software, and strong
password protection.

Jacobsz says, “Customers should ask themselves the following when investing
in security infrastructure and software: what do we need to protect, and
why; how do we want to protect it; where is the highest risk; how do we
weigh up costs versus security mitigation; is the business actually willing
to invest in cybersecurity in order to protect itself; how much data do we
need to protect; can we store off-site; how easy is it to manage our
network security requirements; and can we outsource our network security?
The question of liability, as per the looming requirements of the PoPI Act,
needs to be implicit in all of these aforementioned issues.”

Against these concerns, Jacobsz clarifies that Networks Unlimited offers
solutions at all stages of network security, including offerings in the
realm of DDoS, advanced threats, prevention and response, next generation
firewalls, next-generation deception-based tools, ransomware, phishing and
Wi-Fi security.

Networks Unlimited partnerships in the cybersecurity realm include the
· Network security and network monitoring products, to protect networks
from denial of service attacks, botnets, computer worms and attacks aimed
at disabling network routers.

· Unified threat management to deliver solutions that improve performance,
increase protection and reduce costs.

· Comprehensive phishing defence solutions to condition users to recognise
and report attacks, while working to reduce phishing-related breaches by
speeding the collection and response of phishing threats in real time.

· Intelligence-driven security solutions that give clients the ability to
detect, investigate and respond to advanced threats, confirm and manage
threats, and prevent IP theft, fraud and cybercrime.

· Encryption, advanced key management, tokenisation and privilege control
to protect and manage data, identities and intellectual property as well as
meet regulatory compliance.

· Deception-based platforms which exercise deception-based detection
throughout every layer of the network stack, enabling efficient detection
for every threat vector, ultimately deceiving attackers into revealing
themselves and thus closing the detection deficit.

Jacobsz concludes, “It can be clearly seen that we cannot define security
as falling into just one area, but rather it requires attention to many
areas. This brings with it the need for multiple interactions across
partners and the need for seamless communication and seamless data sharing.
Collaboration is most definitely on the rise, which can only be a good
thing as the threat landscape itself keeps evolving in complexity.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180123/fa81c54f/attachment.html>

More information about the BreachExchange mailing list