Opinion: Why agility matters in the war against cybercrime

06 Jun 18

Article by Endace EMEA senior director James Barrett

Business agility has long been vital for competitiveness. It drives everything from developing a customer base to capitalising on new opportunities. But as companies generate huge volumes of valuable data, the reality is that most are constrained by hardware solutions and a lack of agility, leaving few able to respond to emerging cyber threats anywhere near quickly enough.

Meanwhile, hackers’ agility remains unrivalled. Verizon’s 2015 Data Breach Investigations Report found the median time it takes for a phishing campaign message to get its first click was 82 seconds, while 60% of phishing attacks are able to compromise an organisation within minutes.

It’s proof of exactly how important agility is becoming, with evidence showing that the faster a data breach can be identified and contained, the lower the resultant costs. The 2017 IBM Cost of Data Breach Study showed a strong correlation between the speed with which an organisation can identify and contain data breaches and the financial impact of the breach. Research results showed that in 2017 the average number of days taken to identify a data breach was a staggering 191, and while the cost of data breaches varies from country to country, the average total organisational cost of a breach in the United States was, for example, $7.35 million.

Note that this number doesn’t include post-data-breach costs, including the cost to notify victims. Soon, with the advent of GDPR and other similar regulation worldwide, businesses will have a maximum 72-hour window to understand what has caused the breach, whether it has been stopped and how much data has been lost, and to inform any individual affected, from staff to shareholders. It’s enough to make a company anxious about agility.

Preparing for an unknown future

From a corporate perspective, the definition of agility is changing. It is no longer solely about responding quickly to attacks, but also about the ability to continue to evolve security capability and keep ahead of the attackers - which includes the ability to deploy new solutions or upgrade solutions quickly.

Companies trying to defend their networks from cybercrime are finding it increasingly hard to build defences that are agile enough. This is because the majority of security solutions are still being deployed as hardware appliances, which are expensive to buy and maintain because they are often single-function or single-vendor, vertically integrated solutions.

Other issues include the time needed to deploy and configure hardware solutions: raising budget, evaluating vendors, running a proof of concept, purchasing, deploying and configuring can together take months. Due to the nature of the CapEx cycle, these products are automatically given a limited budgetary lifetime too, generally little more than five years before being written off.

Agility by way of virtualisation

For a business to be truly agile when it comes to security, the need to move beyond hardware is paramount. Businesses need to look to virtualisation the same way they have with datacentres, where it has helped companies to remove the overhead of managing many individual hardware-based servers. From an analytics point of view, virtualisation can do the same thing, removing the need for expensive hardware, and facilitating the delivery of analytics solutions that collect packet data.

With packet data, companies have access to the definitive evidence of breaches, suspicious activity or network performance issues. This not only helps reduce unplanned downtime, but also gives every cybersecurity team the ability to investigate a threat or a network performance issue quickly and conclusively so that they can respond appropriately.

How quickly and accurately businesses are able to respond to attacks is not a nice-to-have, but fundamental to competitiveness on a global scale and, if it isn’t number one on the boardroom agenda, it should be.
