| |||||||||
| |||||||||
Current Filter: Security>>>>>Opinion> Massive Attacks - We're Still in Denial Editorial Type: Opinion Date: 11-2014 Views: 2322 | |||
| The enterprise perimeter does not exist anymore - and a much more proactive approach to security is needed, says Bill Strain, CTO of cloud company iomart. For the past fifteen years, the standard business defence against online attacks has been to deploy multiple layers of security controls. Organisations have relied on deploying security devices at specific points in the network for protection and on point solutions that look at specific threats in isolation. But what we've been doing isn't working. Remember US retailer Target, which suffered one of the biggest data breaches in history last year when as many as 40 million customers saw their credit and debit cards become subject to potential fraud after a malware attack? Target was using Endpoint, Firewall, IPS and malware sandboxes. The sandbox detected something, sent multiple high priority alerts to the security team and the alerts got lost among all the others. In this current era of the cloud and mobility, we now need to be thinking about defence in breadth, rather than defence in depth. These individual security devices all generate alerts, adding up to billions per year for large global organisations. This approach is a reactive and inefficient way to identify threats, and essentially gives the attackers the upper hand.
MORE PROACTIVE It is common for service providers to have to contend with evolving DDoS attacks (Distributed Denial of Service], which have grown in size and frequency and sophistication in recent years. If successful, these can cause costly outages and affect service availability. According to security firm Arbor Networks, which monitors more than 90Tbps of global internet traffic, DDoS activity in the UK is in line with global averages - and that's troubling. The barrier to entry for attackers has been obliterated by new tools that enable anyone with an Internet connection and a grievance to launch an attack. This is a true game changer, in terms of the threat landscape and which businesses should consider themselves as potential targets. Today, any business, for any reason, any real or perceived offence or affiliation, can become a target. Here are some statistics from Arbor's latest report:
• In the first half of 2014, more than 38,000 DDoS attacks targeted the UK (17,359 in Q1 and 20,733 in Q2)
HIGHEST ORDER OF PROTECTION There are very real consequences to successful cyber attacks. Targeted attacks that use malware to compromise intellectual property can have a severe impact on your business from a competitive standpoint. Increasingly, businesses are compelled to publicly disclose breaches that impact customer data; a nightmare for all involved. A successful DDoS attacks means your business is taken offline. This has the same impact to business continuity as, say, losing your electricity supply.
Page 1 2 | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |