Securing the enterprise in a brave new digital world

By Martyn Young, Systems Engineering Director for ANZ, F5 Networks

The security threat landscape has changed dramatically in ways unfathomable from just a few years ago. In today’s digital world where applications range in the millions, organizations need to be aware of the fact that enterprise infrastructure is not the only vulnerable spot for hackers.

Alongside all the utopian efficiencies and connectivity that this digital world has brought to businesses, it has also provided hackers various channels to commit fraud in many creative forms. Hackers today are sophisticated enough to embed viruses and malwares in applications and networks as well as utilize devices as tools to carry out fraudulent activities. Hence, traditional security methods such as next generation firewalls and reactive security measures are losing the fight of being effective against the new breed of attacks.

Needless to say, the growing complexity and the rise of many unknown forces in the battle for information, has undoubtedly forced Australian organizations to rethink current security strategies in place for their networks, applications and data from ever-changing threats.

Threats continue to loom

Statistically the occurrence of cyber attacks is increasing in an alarming way. In 2015, more than $234 million worth of financial loss was self-reported by individuals and small companies to the new Australian Cybercrime Online Reporting Network.

What is worrying is that Australia has dropped from second to fifth in the Asia Pacific in its ability to protect itself from cyber attacks, according to a report by The Australian Strategic Policy Institute (ASPI) analysis.

It is fair to say that criminals are evolving faster than many enterprise risk strategies. The bad news is that cyber-attacks are getting larger in scale and more creative in their ways, while not discriminating between SMEs and global multinationals.

Protect your enterprise

We all know that security is a global issue and isn’t going away anytime soon. Enterprises today face attacks of increasing sophistication and frequency, protecting applications and data is a complex and often costly challenge.

As customers deploy more enterprise-grade applications and services across traditional data centre and cloud environments, the need for an in-depth security strategy has never been greater.

Organisations that depend on their online presence for survival require a holistic security strategy that not only protects themselves, employees, customers and end-users against attack vectors, but is also able to react quickly when attacks happen to minimise damage.

So what can organizations in Australia do to protect themselves more effectively?

Securing the enterprise

Predicting a cyber-attack is difficult, and perhaps not quite possible.

With enterprises becoming increasingly interconnected environments, security professionals can no longer take a myopic view on security.

A common misconception held by many is that using technology like a firewall is sufficient to protect an organization’s networks but this no longer holds true today. Organizations’ must look at other technologies, such as web application firewalls.

Web application attacks are often tuned and created for a particular application, and are missed by traditional security measures.

Instead, enterprises need to accept that hackers will infiltrate their networks. Hence, enterprises need to strike an equal balance between protect – mitigate and react – defend approaches.

Tilt the balance, and the security strategy will not be as effective.

Protect– Many enterprises today place a lot of focus on mitigating attacks which is undoubtedly important. There are ways a company can keep their applications, services and even their entire network online, without stopping legitimate traffic. At the same time, understanding who is attacking the business, as well as how and why, can help prevent an attack from causing too much damage and can help protect against future attacks.

React – Defending an attack is equally critical because there is no silver bullet approach to completely eradicating cyber attacks. This is an important process to minimise damage and keep the business and service running.

For example, the Silverline services process incoming traffic and detect, identify and mitigate threats in real-time. As traffic enters the scrubbing centers’, it is triaged based on various traffic characteristics and possible attack methodologies. Traffic continues to be monitored as it traverses the scrubbing centre to confirm the malicious traffic has been fully removed. Clean traffic is then returned through the enterprise’s website with little to no impact to the end user. The clean traffic is then returned to the site, keeping any attacks from reaching the organization’s network and enabling businesses to stay online and available.

…Or risk fading out

As globalization narrows the distance between businesses and people, cyber security threats, which are getting more dynamic and complex, loom low. Businesses will need to focus on implementing an in-depth security strategy to minimize risks and safeguard their brands, reputation, intellectual property, as well as protect their users on all fronts.

The big question to ask before it’s too late is whether your enterprise is safe in the brave new digital world today?

Join the CSO newsletter!

Error: Please check your email address.

Tags security threatsprotecthackersSMEsASPIdigital worldattacksnext generation firewallscyber secuirtyEnterprise ManagementfraudsecurityreactionfailureUtopiacybercrime

More about SilverlineStrategic Policy

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Martyn Young

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts