Australian cloud-monitoring contender heads to US as businesses, service providers scramble to improve security visibility
- 10 November, 2017 11:12
As malicious attacks continue to morph and experts warn of a ransomware resurgence, growing demand for better visibility into network and cloud activities has driven Australian network-monitoring firm Sinefa to open a US office to support its push into the global market.
The company – which was founded in 2011 by Exinda Networks alumni Con Nikolouzakis and Chris Siakos – has built up a customer base that spans over 20 countries on the back of its eponymous network-visibility tool, which applies a consistent visibility interface that spans on-premises, hosted, and cloud-based systems running on Amazon Web Services and Microsoft Azure public clouds.
Visibility has become a catchcry amongst security managers that are finding the complexity of today’s cybersecurity threats compounded by the discrepancies between network topologies, particularly as digital-transformation initiatives extend operational activities into cloud platforms.
“It’s difficult to get visibility in cloud environments because you can’t tap into the network like you can in the physical environment,” Nikolouzakis told CSO Australia. “As the security or network manager you can log into this and go to any place geographically in the world and get real-time network usage showing congestion and network quality, with 100 percent coverage.”
Sinefa’s San Francisco office, to which Siakos has relocated, will give the company a boost into the “very large” US market through direct sales and support with a customer base that Nikolouzakis expects will broaden to include telecommunications companies and service providers as well as individual enterprises.
“Whether it’s a performance issue or a security breach, this is a way for telcos and service providers to give back to their customers with an independent tool that will show you exactly what is going on from an application performance and security perspective.”
Lack of visibility has increasingly become tied to a poor security response, with companies struggling to identify or respond to threats that they can’t even see. Security specialists have warned of the potentially dramatic effect on compliance, particularly in the wake of the recent accidental publication of nearly 50,000 Australians’ personally identifiable information by a government contractor.
That incident drove AWS to change its S3 Console to indicate which data buckets are configured for public access – but staying on top of such cloud-based vulnerabilities will require better visibility.
Cloud migrations are proving to be more of a motivator for security-minded boards than attacks themselves, but security specialists warn that companies must embrace better visibility before new ransomware threats become an even bigger issue.
The regular leaking of new exploits means the world is likely to see more similar large-scale ransomware attacks in 2018, an analysis by security firm Sophos has warned in its recently released 2018 Malware Forecast.
Australia was far from the most-infected country from April through September but, with 2.4 percent of global infections, it was continuing to punch above its weight – ahead of more-populous countries including Italy, France, and the Philippines and behind only the US, UK, Belgium, Singapore, India, Indonesia, Germany, the Netherlands, and Malaysia.
The report highlighted the ongoing threat from Cerber ransomware, which now accounts for 44 percent of all ransomware infections and has undergone many mutations to work around sandboxes, antivirus and other defences. Those regular updates, effected by “particularly nurturing” authors, have helped keep the country in the sights of ransomware perpetrators for some time.
Yet companies must take care not to be misled by the headlines, Gartner recently warned, and must focus on the biggest security threats and not necessarily the most well-publicised: 99 percent of the vulnerabilities exploited through 2020 “will continue to be the ones known by security and IT professionals at the time of the incident,” the firm advised.
Firms like Gemalto, RiskIQ and Avepoint have recently moved to tie visibility tools with data-protection policies that help companies meet compliance obligations. But Nikolouzakis believes platforms like Sinefa’s will continue to resonate as businesses continue to steamroll into the cloud.
“Organisations are moving to the cloud and they’re also digitising their business,” he said. “Because of that, it’s getting very hard for them to be able to see how the networks and applications and user are using the network. You need to have real-time insights – and being able to do this in real time, is where our strength is.”