Threats evolve and attackers are constantly changing the game. "Attackers are using broad vectors of attacks to penetrate all elements within our environment," said Barracuda Networks sales engineer, Southeast Asia, Fadhly Hassim. "As organisations reach out to customers through social media and Web applications, they are also opening up new avenues of attacks."
Attacks are no longer confined to traditional entities such as banks and public institutions. Retailers have been hard hit as well, as cyber criminals follow the money trail. "It is easy to procure attack kits or services off the Internet. Web exploitation kits can be easily used to attack thousands of servers in seconds," he said. "Thus an organisation's security solution strategies and architecture must be flexible to adapt to the changing environment and secure every part of the security domain including its perimeter, content and application."
Constant connectivity has expanded the perimeters of technology, aiding the rise of cyber crime. Increased attacks have shown that many security solutions are incomplete, overly complicated and ineffective. "Endpoint security has changed. In the past, it was about stopping malware infection. Now it detects compromised machines and remediates detected threats on a variety of workstation and mobile platforms," noted Sophos Philippines regional pre-sales engineer Julius Suarez. "It is also now more focused on data, ensuring it is encrypted and accessible only to authorised users, regardless of where the data lives."
RSA senior technology consultant Andrew Chang pointed out that with the advent of cloud and mobility as well as a broader supply chain, the attack surface was expanding and more difficult to monitor. "Attacks are now less visible and leverage on weak points in the network or supply chain. These attacks show that attackers are single-minded, determined, innovative and patient. Their goal is long-term persistent undetected access," he said. "Traditional security tools are failing as they depend on signature-based solutions which only detect known bad."
He continued: "Tools and processes must adapt to provide visibility, analysis and action in battling such attacks. Logs, while helpful, give basic security information which is not detailed enough to spot attacks and understand what is truly happening in an environment. Organisations need to leverage on multiple data sources to see the entire picture."
Cyberoam pre-sales manager, APAC, Niket Shah, agreed that many organisations were fighting new threats with old tools. "This leads to security gaps opening up back doors and creating blind spots within the system. Most organisations fail to recognise that complexity is an enemy," he said. "It is a challenge to develop the right matrix to strengthen security while enabling productivity. In setting up the matrix, identify and document critical assets in your infrastructure so that you know what resource to protect, what your vulnerabilities are and how threats you are afraid of could occur."
A quality factor