Checkmate your attackers

The security game has changed. The simple tactic of moves and countermoves no longer works. More businesses are being successfully attacked despite the numerous point solutions available; worse, many don't even know they have been attacked until it's too late.

The problem is that the attacks and attackers themselves have evolved. Forget the old faceless image of a socially introverted hacker as your opponent. Today's hackers are well-oiled enterprises in their own right, and they work for money, not just for sport. This has led to an increased sophistication in attacks. Some use smokescreen tactics to divert attention away from their true malicious goal; others trade and barter secret business information gleaned from social engineering.

Our modus operandi has also changed, especially in Hong Kong. With businesses asking employees to collaborate more and become mobile, many constantly share information and access key applications through a variety of constantly-connected devices. This has increased application and network security risks, and made the security walls porous.

The risk of non-compliance is another issue that keeps CIOs awake through the night. With regulations becoming more stringent, businesses are hard-pressed to comply. Those who don't not only face huge fines but also risk tarnishing their reputations irreversibly.

Don't sacrifice your pawns unnecessarily

It's better to view today's security as a chess game. Your security policies and solutions are your pawns on the chessboard, and they are constantly evolving. Reacting to your opponent's moves is not enough; it makes you defensive and blinds you to multi-modal attacks. Every chess player knows that a winning strategy requires you to nullify the opponent's strategy, prepare for countermoves and protect your king--the company data.

So why doesn't the old approach of using point solutions work? First, it comes from a militaristic point of view that assumes your business is a castle and building strong walls can thwart your attackers.

Today, however, businesses are diverse, disparate and extremely mobile. Networks lie at the heart of many businesses, enabling them to adapt to a dynamic market, exploit new and fleeting opportunities and improve operational efficiency. Clouds have also changed internal infrastructures. In the name of better efficiency and cost savings, many are adopting cloud-driven application delivery models to be more agile.

All these changes mean that vulnerability to network threats--such as DDoS and DNS attacks--has increased exponentially. A single network outage can not only bring businesses to their knees, but also open a gaping hole for intruders to create backdoors or even steal secrets.

Access security, once seen as an option, has also become mandatory. With employees working from disparate locations and becoming increasingly mobile-driven, who gets access to which applications becomes important. Without a good access management system, businesses are vulnerable to attacks from both insiders and outside hackers.

A well-rounded security framework can offer you an in-depth look at the risks and threats that your entire infrastructure faces, allowing you to plan for the right security measures. It also allows you to understand the security impact that deploying architectures like Bring Your Own Device (BYOD) has on the entire infrastructure.

How to protect your king

So where do you begin? Here are three things to keep in mind when building a complete security framework.

First, become application-centric--not just network-centric. Why? That's because the way we use applications, often seen as the lifeblood of businesses, has changed drastically.

According to F5 iHealth data surveys, the majority of applications are accessed via the Web. Mobiles have introduced a shift in the devices we use to access these applications. According to Gartner, 2.7 billion mobile devices will be shipped in 2017 and 40 percent of the workforce will be mobile. Meanwhile, Clouds are changing the way applications are developed and deployed.

Most network infrastructures have also not kept pace with the way we use applications. Many are largely not application-aware, and are ill-prepared for sophisticated or multi-modal attacks at the application level. An application-centric approach, which goes beyond device or network-centric ones, offers a smarter approach.

For example, F5 Networks' new F5 Synthesis, made up of a high-performance services fabric, intelligent services orchestration and simplified business models, reduces operational risks. By enabling you to centrally deploy and manage application services consistently, it ensures fewer deployment errors of the kind that are often exploited during an attack.

Second, understand that the network, not your servers, is the Achilles' heel. So protecting your network using a multi-tier security model is important.

For example, a properly deployed two-tier DDoS protection system can stop volumetric, asymmetric, computational and vulnerability-based DDoS attacks. Often the first tier at the perimeter uses layer 3 and 4 network firewall services. This will root out most attacks. A second tier--consisting of more sophisticated and also more CPU-intensive services, such as SSL termination and a web application firewall stack--can act as a secondary defense to thwart more sophisticated or brute-force attacks.

Lastly, understand that humans, not machines, are the biggest threat to your security framework. It's no secret that most hackers use social engineering to overcome sophisticated security defenses and access vital information. So the money spent on awareness training, deploying a real-time access management system enterprise-wide and enforcing consistent security policies across the business will go a long way to thwart would-be attackers.

Avoiding checkmate

Good-enough security is no longer good enough. A complete security framework deployed enterprise-wide, instead of just point security solutions, can help you understand the severity of the threats your business faces.

A holistic security framework anchored by an enterprise-wide security solution can future-proof your organization against new attacks and regulations. It can also allow you to use contextual intelligence to root out new attacks before they become security threats.

In the end, you need to accept that your business will always be under attack. And at any time, an attack can be successful. Instead of crossing your fingers behind your back, it is far more prudent that you are well prepared to recover from one. Armed with a universal security framework, you can reduce the chance of being blindsided, fooled or even checkmated. It's your move.

Linda Hui is the managing director at F5 Networks in Hong Kong and Taiwan. With more than 17 years of experience in the information and telecommunication industry, Hui is responsible for overseeing and steering the company's growth in Hong Kong and Taiwan.
