Besides that, Weinstein highlighted the need for organisations to have the mindset that they could be the next victim to better prepare themselves for such incidents. "While prevention is ideal, detection is a must. Firms should also be able to remediate threats to stop malware from spreading, and encrypt data to make it tougher for cybercriminals to use any leaked data."
Securing the modern data centre
While data centres are becoming more agile, dynamic and elastic as they move towards the cloud, organisations are struggling to secure such modern data centres. "This introduces an instant-on gap that can be exploited by attackers," said David Ng, Senior Business Manager of Trend Micro.
He thus proposed a new security architecture that provides a multi-layered defence to mitigate the increasing vulnerabilities in the modern data centre. The principles of the new approach are:
1. Security should be instant and automated.
2. Security for workloads should be adaptive and contextual. Security solutions should know what to protect and automatically do so, as well as provide specific security profiles such as firewall rules and log inspection rules.
3. Security solutions should enable organisations to optimise their security resources for their modern data centres.
4. A layered security model is needed to defend against escalating threats. Ng advised firms to have a firewall, intrusion detection and prevention systems, anti-malware solutions, file integrity monitoring products, log inspection and encryption capabilities for end-to-end protection.
The future security architecture
As BYOD and cloud become increasingly adopted, protecting network perimeters and having static firewalls would no longer be enough to protect an organisation. Dr Steven Wong Kai Juan, a Board Director of the Cloud Security Alliance Singapore (CSA), thus urged organisations to utilise CSA's software defined perimeter (SDP) architecture to better secure their networks.
"SDP is the standardisation of a 'need-to-know' access model, where the network is made dark until the entity is authenticated," said Wong. He likened SDP to gaining access to a hotel room -- anyone could enter a hotel but not everyone would have a key to access the room.
He explained that control communication is separated from data communications in SDP, and that it should have five layers of security controls.
Firstly, the initiating host will be asked for a single packet authorisation one-time password before any communication can occur. After receiving the packet, the accepting server will enable the client to connect via mutual transport layer security (mTLS) on port 443.
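The first control described above can be modelled as a default-drop gate on the accepting server. The sketch below is an added example, not code from the article or from CSA. It assumes the one-time password is an RFC 4226 HOTP value, and the packet layout, class and function names, seed and IP addresses are all constructed for illustration. The mTLS handshake itself is not shown.

```python
import hashlib
import hmac
import struct

# Assumed packet layout (not from the article): client id, counter, 31-bit HOTP.
SPA_FORMAT = "!IQI"
SPA_SIZE = struct.calcsize(SPA_FORMAT)

def hotp(seed: bytes, counter: int) -> int:
    """RFC 4226 dynamic truncation, before the decimal modulo."""
    digest = hmac.new(seed, struct.pack("!Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    return struct.unpack("!I", digest[offset:offset + 4])[0] & 0x7FFFFFFF

def build_spa(client_id: int, seed: bytes, counter: int) -> bytes:
    """Initiating host: one datagram carrying the one-time password."""
    return struct.pack(SPA_FORMAT, client_id, counter, hotp(seed, counter))

class AcceptingHost:
    """Hypothetical model of the accepting server's default-drop gate."""

    def __init__(self, seeds: dict, look_ahead: int = 5):
        self.seeds = seeds                               # client id -> shared seed
        self.last_counter = {cid: -1 for cid in seeds}   # replay protection
        self.look_ahead = look_ahead
        self.allowed = set()                             # IPs cleared for mTLS

    def handle_spa(self, src_ip: str, packet: bytes) -> bool:
        # Every failure is a silent drop: no reply, so the host stays dark.
        if len(packet) != SPA_SIZE:
            return False
        client_id, counter, otp = struct.unpack(SPA_FORMAT, packet)
        seed = self.seeds.get(client_id)
        if seed is None:
            return False
        last = self.last_counter[client_id]
        if not last < counter <= last + self.look_ahead:
            return False                                 # replayed or far-off counter
        expected = struct.pack("!I", hotp(seed, counter))
        if not hmac.compare_digest(struct.pack("!I", otp), expected):
            return False
        self.last_counter[client_id] = counter
        self.allowed.add(src_ip)
        return True

    def may_connect(self, src_ip: str, port: int) -> bool:
        # Only the mTLS port opens, and only for a source that passed SPA.
        return port == 443 and src_ip in self.allowed
```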