//////////////////
ALI SLEIMAN,
TECHNICAL
DIRECTOR –
MEA AT INFOBLOX
EDITOR’S QUESTION
firewalls, while important components of any defence, are wrongly
seen as sufficient safeguards against targeted attacks and advanced
persistent threats (APTs).
These risks require new approaches to security that emphasis
visibility and monitoring for early detection and threat removal but
teams have been slow to adopt them.
C
ybercriminals are not only increasing their methods to gain
an advantage but security teams have become complacent
and increasingly unaware that a breach has happened until
it is too late, such as was the case with Wannacry attack and Uber in
2016 that affected 57 million customers and drivers.
Complacency can take many forms and companies that are at high
risk tend to have an unfounded belief that they are secure against
attacks. The belief that a company is too big or too small to be in
danger, not investing in endpoint security and cyber insurance, not
vetting their partners adequately and failing
to assign proper responsibility, can lead to
weakness that prevents companies from
discovering vulnerability.
There could be major technical and procedural consequences
for enterprise security as a result of complacency. Organisations
feeling safe, may delay investing in endpoint security, while their
ability for remediation and report on breaches is not enough
to protect them from sophisticated attacks and the advanced
character of current malware.
Moreover, security teams struggle to identify APTs and reduce
the amount of time that malware lingers on the network without
being found. This relates to the lack of tools that they are using for
continuous monitoring to keep tabs on a
variety of potential risks.
“
Threat exists regardless whether you are
a small or a huge operation. It is critical to
realise that the ingredients exist for a breach
to ultimately happen and organisations need
to mitigate the risk. Recent record-breaking
DDoS attacks on DNS infrastructure, for
example, have shaken IT managers out of
their complacency, and now organisations
are starting to realise that DNS vulnerability
is a real risk and needs to be mitigated.
Some executives may claim to be protecting
customer data and company reputation as we have seen in the
case of Uber. However, more often than not organisations lack an
enterprise resource management programme increasing the chances
of a breach. Companies are also heavily reliant on vendors and
partners for infrastructure maintenance and consulting.
THREAT EXISTS
REGARDLESS
WHETHER YOU
ARE A SMALL OR A
HUGE OPERATION.
Overall, complacency leads enterprises to believe that what they’re
currently doing is enough. Traditional tools such as antivirus and
36
INTELLIGENTCIO
Networks today have many new endpoints
including smartphones, tablets and other
mobile devices not to mention big data
and analytics, which also mean that
organisations have to monitor additional
network activity more than ever.
The challenge is that complacency will create
vulnerabilities that extend all the way to
the end user related to increased network
activities behind the scenes.
Fortunately, companies like Infoblox are
starting to provide organisations with a major boost to their security
efforts, educating and executing on a cybersecurity strategy that
addresses cutting-edge threats such as DNS security.
With APTs and targeted attacks taking off, network security teams
must get out of their complacency and keep pace by using dedicated
security software measures that protect and extend the capabilities
of existing infrastructure.
www.intelligentcio.com