Web application, insider threat attacks to continue into 2013: Imperva

Application security vendor shares its predictions for the security space

When it comes to the security landscape of 2013, a lot of organisations will continue to be attacked via their web applications.

Imperva A/NZ regional sales director, Kane Lightowler, bases this observation on seeing more examples, both locally and globally, of organisations being compromised through their web applications.

“Traditional defences such as firewalls and IPS’ [Internet Protocol Security] don’t protect web applications, thus dedicated technology to protect against this threat are needed,” he said.

“This trend is not going to stop anytime soon until the adoption of web application firewalling is increased.”

Another trend Lightowler sees is insider threat, but not in the traditional sense.

“We used to see insider threat as a malicious internal employee, but what we’re seeing today is compromised insiders,” he said.

This has meant businesses are getting infected by remote access Trojans, which are enabling cyber criminals to siphon off data and steal intellectual property.

“This trend has been acknowledged by the FBI and Department of Homeland Security in the US, as well as local authorities, and we see this trend driving a big focus on data security,” Lightowler said.

Due diligence

2012 has already been a busy year for Impreva, with the application security vendor opening two new offices in Australia and doubling its head count in the last 12 months.

Lightowler attributes this growth to Imperva winning several large, strategic accounts, as well as expanding its distribution network and reseller channel, which has opened up more mid-market and above opportunities.

“We’ve been winning a lot of business in very large banks, insurance, telecommunications and government, but the enablement of our distribution network has really helped us to reach a larger portion of the smaller end of the market,” he said.

The company also assigned a new distributor earlier in the year, Digital Networks Australia (DNA), and has been recruiting new channel partners across new industries to expand its reach into other parts of the market.

“We’ve also added a number of new technologies to our product portfolio, specifically a Cloud and Sharepoint security offering, which has really helped us expand into new verticals within the technology stack,” Lightowler said.

While 2012 was a good one for Imperva, Lightowler admits that some aspects of the market were challenging compared to past years.

For one, organisations were prudent as ever with all of their spending, predominantly with technology used for security reasons.

“It’s important as ever, but there’s more due diligence being done on all projects,” Lightowler said.

So while Imperva continue to grow and add new customers, Lightowler says that it often seems that projects are not being awarded as quickly.

“Things are taking a lot more time as organisations go through this due diligence,” he said.

Join the CSO newsletter!

Error: Please check your email address.

Tags ImpervaWeb applicationsecurity

More about Digital Networks AustraliaDigital Networks AustraliaFBIImpervaIPS

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Patrick Budmar

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place