In your estimation, has data centre been less of a priority in enterprises than network and endpoint security?
Yes, to some extent, data centre has been less of a priority in enterprises. The gap lies in the fact that most enterprises have security solutions in place that were developed at a time when threats were simpler and less sophisticated. These solutions, such as anti-virus, malware protection and next-generation firewalls, are simply not able to keep up with today's evolving security threats. This means that protecting data at its source-within the data centre-is the only way to be assured of comprehensive protection against hacking attacks.
Gartner also released a report in 2012 (Hype Cycle for Application Security, Gartner Inc., July 2012) with its views on endpoint security, "Applications and data are the main focus of the modern cyber attacks. However, existing identity, endpoint and network solutions are insufficient for their protection." Today's challenge is to deploy and manage security within and outside the firewall, and companies are realising that they cannot conduct business without data centre security.
How does Asia's enterprise security landscape compare to that of the US and the rest of the world?
In general, organisations from different countries face the same kind of challenges when it comes to enterprise security-be it for endpoint, network and data centre (the three security pillars). Where the enterprise security landscape differs is in the concentration of investments and attacks in each security pillar. Across Asia, we still see organisations focus most of their resources on malware and firewalls.
In China, next generation firewalls occupy the largest market share–24.65 percent–in the security industry. With more incidents of data breaches happening in the region, there are a growing number of companies that are recognising the importance of data centre security.
Of course, organisations cannot close the gaps alone in a silo. We see more collaborative efforts by the media, government and industry from our US and UK counterparts. But this is not to say that Asia is lagging behind. The Singapore and Australian government are actively stepping in to improve the enterprise security landscape. Singapore for example recently announced that S$1.2 billion (US$0.96 billion) in government infocomm tenders will be issued in the next financial year.
Where are the biggest security gaps today?
As IT infrastructures become more complex, the biggest concern among CIOs is the lack of defences to address the biggest security gaps today:-
* Unpatched Web Applications—As noted in the 2014 Verizon Data Breach report, "Web applications remain the proverbial punching bag of the Internet." Today's hackers ruthlessly target Common Vulnerabilities and unpatched systems to launch multi-site attacks that take control of Web Servers and allow perpetrators to flee with valuable data assets. HeartBleed stands as the most notorious example of a known vulnerability attack that gave attackers ample opportunity to profit from unsecure Web applications.
* Non-Advanced Persistent Threat—These types of attacks are difficult to prevent and according to our latest Hacker Intelligence Report, they can be conducted relatively easily. Attackers obtain access privileges and access-protected data by targeting the weaknesses of Microsoft NTLM protocol using nothing more than knowledge of common Windows protocols, basic social engineering, and readily available software. In order to mitigate damage, security teams need to understand how to protect critical data assets once intruders have already gained access.
* DDoS Bots—Botnets are still the backbone of all cyber-criminal operations. A huge network of compromised systems can be used by an intruder to create denial of service attacks. According to a report released by Imperva's Incapsula (Imperva Data Security Blog: The rise of DDoS Botnets, 2 April 2014), more than 25 percent of all botnets are located in India, China and Iran.
* Insider Threats-Insiders pose a significant risk to data security. A Forrester report states that 22 percent of publicly reported data breaches and security incidents in 2013 were caused by data governance failure. South Korea experienced a major theft of personal information from credit-card holders, affecting 40 percent of the population. The employee who was working as a software engineer for three credit companies was writing anti-fraud software during the same time that he was stealing data.
Sign up for CIO Asia eNewsletters.