2012: the year business must revisit security basics

Experts warn 2012 could be the year that businesses pay the piper

It may be that 2011 was the year of the DDoS, but security experts warn that 2012 could shape up to be the year businesses really pay the piper as a broad range of attacks pummel them for years spent overlooking and underfunding their security.

Research group Ovum is among the many prognosticators warning of a security explosion, cautioning that mobility technologies will be among the biggest sources of technology problems as their adoption dovetails with mega-trends such as mobile device management, IT consumerisation and cloud-based data analytics.

All of these trends dramatically change the profile of enterprise data management and the risk associated with it – and companies need to respond to the explosion in data leakage points with strong penetration testing and mobile device management capabilities.
"Organisations must learn to live in a state of compromise and should plan and act as though they have already been breached," Ovum warned in a research note.

Given that many organisations wouldn't know if they were breached and have few formal defences even if they were, this can be a big ask.
For this reason, some security vendors expect big things from next-generation firewalls (NGFW) – firewalls with broad scope that add extra layers of policy-based security controls to give companies better management of their online applications.

Compared with deep packet inspection-based intrusion detection systems (IDSes), NGFWs enable highly granular, policy-based controls over access such as time-based access, access rights for individual applications, port controls and so on.

Rather than treating NGFWs as a replacement for existing security controls, Sourcefire Vulnerability Research Team senior researcher Alex Kirk says companies considering their security postures in 2012 should think of ways to strengthen their overall security posture by adding extra layers of protection.

"The idea that you're ever going to be able to not miss anything is a bogus one," Kirk says. "There is no 100% security solution. But I'm a strong believer in the idea of depth and length; by layering your security, even if one device isn't well suited for finding a particular behaviour, perhaps another one is."

"The reality is that over 90 per cent of attacks are those where the attack [is known] and people already have a way to remediate the problem. But in many places there is not an appropriate number of resources being put into keeping the network secure. NGFW stands in a position to add to the overall security posture of any organisation."

Tasmania's Department of Education (DoE) is among the organisations taking a proactive approach to building the new security environment, having recently signed on with systems integrator Alphawest to use Symantec Endpoint Protection to lock down over 40,000 PCs and 700 servers running Windows, Mac OS X and Linux.

In addition to the usual security protections, the new platform offers integral support for mobile devices as well as Web-based email systems. It also incorporates reputation-based ranking that assigns security ratings to a large number of online files.

This sort of protection reflects Ovum's push for companies to look beyond conventional security solutions to consider holistic protections – and the implications of mobile strategies. "As online learning continues to become more integrated with traditional classroom learning and mobile devices become more prevalent in the classroom, we'll see a need for increased, flexible and proactive security," said Tasmania DoE IT infrastructure manager David Briggs.

"You do have new security threats coming on a regular basis," says Sourcefire's Kirk, "but a big part of the issue is the diversity of software being run in the field and the complexity of the software you do have. Different vendors are paying very different levels of attention to security – and until the entire industry is focused on building security into the development process, we're going to see more attacks. So companies need to be keeping their software up to date, and paying more attention to the basics of security."



Stories by David Braue
