Expanding security approach

I recently read an article in ZDNet Asia that reported that approximately 67% of Singapore organizations had experience a cyber attack in the last 12 months. Further, 95% of those that were attacked experienced some form of financial impact from the attacks. While I cannot comment on the results of the study directly, the results are not unexpected.

Overall, IDC believes that over the coming years the number of cyber attacks will continue to increase. The main drivers for this are threefold. The first driver is value of intellectual property that can be gained through the cyber attacks has continued to grow. Over the past year IDC has seen an increase in the number of Advanced Persistent Threats (APT) attacking corporate and government ICT systems. The attack on Lockheed Martin involving the breach of RSA SecurID tokens earlier this year is an example of this type of attack. These attacks tend to be the most sophisticated of all attacks.

The second driver is financial. In many cases the goal of the attack is to gain consumers personal financial information for pure theft. These attacks tend to be less sophisticated as the targets tend to be less aware of the security threats. IDC believes that these types tend to increase during economic downturns, which is exactly the time that enterprises are looking to cut budgets. The reason for the increase is an increase in financially distressed people with IT skills who are willing to turn to nefarious ways to maintain their income.

The third and final driver is an increase in hactivism by organizations like Anonymous. These attacks are motivated by a growing population of disaffected people. They are looking to make a statement about a real or perceived injustice. These tend to be much more simple attacks such as denial or services attacks.

In order to address the rising number and in some cases the sophistication of cyber attacks, IDC believes that organizations will need to approach security in a different way. The traditional methods of isolating systems through firewalls will not be sufficient as the systems become more complex. From a traditional IT perspective the introduction of both public and private clouds create significant challenges.

Additionally, the consumerziation of IT and policies like bring your own device dramatically increase the number of threats that organizations will face in the coming years. IDC expects these threats will only grow as the number and variety of mobile devices continues to expand.

In the coming years, IDC recommends that organizations need to expand their approach to security. Security needs to become more advanced and organizations will need to take a more holistic approach to security. This will involve the deployment of a variety of products from different vendors and IT consulting and integration services required to make systems all work together. From a product perspective, the systems will need to become application device and location aware. For example, going forward it will no longer be sufficient to merely determine that I am allowed to access a certain system or data. The security system will need to know what type of device I am using, where I am, and what type of network I am using before granting access.

Finally, IDC believes that organizations will need to do a much better job of educating their employees. In many cases the employees may know that they employer has a security policy, but have no idea what that policy is. This can be a delicate process as most end users eyes tend to glaze over when IT begins to discuss the rising security threats and what steps are needed to prevent a breach. Further, most end users view security not as an essential part of their computing environment, but as a roadblock to productivity. To overcome these objections, IDC believes that IT will need to better speak the language of the end user. In many cases this is difficult for IT to do.

Poon Wei Ang contributed to this analysis

Matt Healey is the Program Director at IDC Asia/Pacific, heading the Software and Services Research teams. He is responsible for identifying growth markets, evaluating vendor market share and emerging trends across all software and services markets.

The original document can be found atIDC Circle

Join the CSO newsletter!

Error: Please check your email address.

Tags security

More about APTetworkIDC AustraliaLockheed MartinRSA

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Matt Healey

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place