Peter Allor, security strategist at IBM, describes how mobility, cloud and social media have altered the security atmosphere and what Asian companies are doing to counter new threats.
How has the security landscape changed in the last two years? Have mobility, cloud and social media worsened the security atmosphere?
The threat is being portrayed as invincible and so advanced that we are defenceless. This is not an accurate portrayal. The threat has moved in two directions, one attacking enterprises on enterprise written websites and mobile applications, and the second, in attacking with sophisticated attacks through spear-phishing and social media.
This evolution of the attackers to these types of attacks and then downloading additional vectors once they breach an enterprise has changed the landscape.
Correlation of security information has allowed enterprises to better address this landscape change and to allow you to identify attack indicators and potential for compromise.
Information (both structured and unstructured, social data) is seeing endless growth in volume, variety, and velocity, and veracity as organisations seek to leverage big data solutions to gain deep insights and make their businesses more agile. This has opened the door to new vectors allowing the enterprise user to trigger downloads of malware into the network.
How are enterprise-class organisations protecting themselves today? What has changed in their security strategy?
Organisations today deploy a variety of security controls to mitigate risks, so they avoid situations where shutting down the whole network becomes the only solution. These include firewalls, intrusion detection systems, intrusion prevention systems and vulnerability scanners.
All of the individual security controls are good at what they are supposed to do, and they are properly deployed at almost every organisation today. But these controls alone are not sufficient protection from the "bad guys". The fact of the matter is security technology and experts are getting smarter, and so are the attackers.
Also, another thing you notice these days from the cyber attack patterns is there is a shift from a target of opportunity towards a target of choice, where attackers are continuously or even patiently planning and executing advanced persistent threats (APTs).
While use of the new technologies of mobile, cloud and social media collaboration does expose the risk factor for companies and their data, the trick is in how to use these new technologies with a more thorough and mature security mindset (or mental posture). For instance, analytics. Analytics does not just have to be limited to analysing data for business objectives, the concept of data crunching can also be applied for security purposes, which improves the scope and scale of investigation. In other words, with security intelligence, companies find clues, loopholes, malicious or incompliant activity that would have gone unnoticed and undetected, hidden deep in the throes of an organisation's data.
Sign up for MIS Asia eNewsletters.