SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cloud Services
#
DDoS
#
IoT
Measure and mitigate risk to build a comprehensive cyber defense
Tue, 12th Sep 2017
FYI, this story is more than a year old
By Sharon Chan, Regional Security Director, AT-T
Follow us

The vast majority of cyber attacks are preventable. From our 2016 cybersecurity insights survey, more than 90% of attacks are known threats, or their variants, for which software patches already exist. But why does this happen? Are enterprises not aware of their risks, or not able to fill the gaps in their defenses?

Knowing your risks

It is helpful to think of cybersecurity risk as a three-dimensional concept: a function of threat, vulnerability and consequence.

Threats exploit vulnerabilities. AT-T data shows that 90% of US organizations had at least one malware-related incident during 2016, when ransomware and distributed denial of service (DDoS) attacks soared. Ransomware exploits vulnerabilities in software, giving hackers an entry point to encrypt data and demand payment to unlock it.

DDoS attacks, while traditionally disruptive, are also increasingly being used as leverage for extortion. We also found that 65% of financial services companies had experienced an advanced persistent threat (APT) incident last year. In this scenario, the hacker targets your network and enters without detection to monitor and steal information over an extended period of time, perhaps even years.

Vulnerabilities can be software bugs and design flaws, risky user behavior and other gaps in your cybersecurity defenses. Hackers constantly look for these gaps: the AT-T network detects 5 billion vulnerability scans a day, and blocks malicious scans and malware events to protect customers. In 2016, 80% of organizations reported at least one security incident caused by an insider, often inadvertently via an unsecure Wi-Fi network, for example.

Internet of Things (IoT) devices are a growing vulnerability. Gartner estimates 20.4 billion connected things will be in use by 2020. While most are open to attack today, there will be more connected things to secure in a few years. Enterprises can also be made more vulnerable through growth by acquisition, and by asset digitalization and cloud adoption, if these are not carefully handed.

Consequences encompass legal measures, asset losses and brand impact, though the latter is hard to measure. If your CEO has her phone hacked and it contains work-related emails so that sensitive customer or employee data is lost or compromised, disclosure may be legally required, but what would this do to your corporate reputation?

Every business has a different level of risk. For some, compliance issues loom large; for others, cloud adoption is an unnecessary complication. What is true for all, however, is that while threats are often beyond our control, vulnerabilities can be managed and reduced. We can mitigate and transfer risk, but not eliminate it completely.

Evolving your approach

The threat landscape is changing as organizations become more digital, transition to software-defined networking (SDN), and rapidly adopt cloud and IoT technology and mobile devices. Security measures need to evolve in tandem. To manage existing and new risks demands new solutions and new security skillsets. In this environment, adaptive security is now coming into its own and offers a continuous response. It has three components:

  • Contextual awareness. Collecting information from different sources enables you to make more accurate decisions faster.
  • Automation. When change comes as quickly as it does today, while experienced security expert is still a key factor for reducing false positives, automation does improve detection and response time significantly to contain the loss or destruction.
  • Integration. Security silos are a sweet spot for motivated cyber criminals. Security solutions need to be integrated.

At AT-T, for example, we work with more than 90 organizations to collect threat intelligence and we apply machine learning to this data to help us identify attacks immediately, or in some cases, to see them coming. We are also in the midst of transitioning to SDN to provide a faster response and more integrated solutions for customers: 75% of our network should be virtualized by 2020.

Defending against threats

To begin building a comprehensive cyber defense, enterprises need to first review and prioritize current risks to provide a direction for security investment. In our experience, web and email are two key areas that every business, no matter what size, needs to pay more attention to. Regular patching and backups, highly secure access control and having an incident response plan in place are fundamentals that you cannot ignore.

With an understanding of your known risks, you can then consider your upcoming business plans to determine what may need to be done now to ensure that these do not compromise security. For example, an IoT project will increase risk. However, a multi-layered approach to security that protects data in transit and at rest, from the IoT endpoint to the application, helps reduce vulnerability to mitigate this risk.

Expert support can be of great value in evaluating threats, predicting risk, reducing vulnerability and preparing to react quickly and effectively when threats materialize. 

Related stories
Business leaders anxious over data security – report
Keeper Security launches user-friendly passphrase generator
How attackers target security blind spots: Three real-life lessons from the SOC
First-party data collection prioritised due to privacy laws
MotivationWorks upgrades cybersecurity with Radware
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
Secolve & Asimily join forces to boost Australia's IoT security
Armis warns of major cyber-attack risk to 2024 global elections
i-PRO to support Genetec SaaS with new AI-enabled camera models