User lock-down or education? Just one of today’s cybersecurity issues in a rapidly evolving landscape
According to the recent PwC report, The Global State of Information Security Survey 2018, companies around the globe are becoming more reliant on cyber capabilities. This means that, in turn, they must also recognise and manage the associated risks, or make themselves vulnerable to large-scale events with significant disruptive consequences.
Anton Jacobsz, managing director at Networks Unlimited South Africa, says, “There has been so much evolution in this arena that the cybersecurity of the old days is not the security of today, when we have so many different teams looking at so many angles of the data. Right across the security network, solutions need to be based on next generation thinking, such as authentication, finger printing and the two-token system. The market needs to understand that threats do not come only from the outside – advanced threats also attack from the inside.
“Security today does not mean just your firewall – we need to think about the impact of applications security, Distributed Denial of Service (DDoS) mitigation and entry points into your network through e-mails and Wi-Fi, for example. There is a need to cover entry points and exit points: your perimeter means nothing if you don’t have security monitoring traffic to and from the edges. This raises issues such as, ‘Do you lock down your users or educate them?’ and so it can be seen that there is no one solution to the issue of cybersecurity.”
Jacobsz says security experts need to have a dual strategy: one for the network edge and one for the data centre. “However, these were not built to integrate and so bottlenecks are created with a two-phased security at both the edge and the core. You are also dealing with more than one vendor and this brings a multi-phase defence, and the need to continuously evaluate your environment. We also have to look at issues such as capex vs opex models in servicing, and what products to use and how to fund them.
“From a trend perspective, Gartner has predicted that in time, we’ll see mergers and acquisitions resulting in just three or four big security vendors, selling hosted services and offering massive data centres and very large teams in order to provide those services. Another trend that we see in the future is the ongoing rise of digitisation and the Internet of Things (IoT), and with it the mindset of instant consumption from your consumer-based clients. In turn, this means that from a security perspective, you need to know what you want to secure, and where. For example, a bank needs to be able to secure everything on the network to make it unappealing to the would-be thief.
“Finally, I think the biggest trend we will see in our market in the next two years is the onset of requirements around the Protection of Personal Information Act (PoPI), and how this legislation is set to change what businesses can do with customer and corporate data.”
Under PoPI, any business that holds customer or client data is responsible for securing that information. In order to prevent confidential personal information from being stolen or compromised, companies must ensure that they have put in place technical measures to protect the information that exists within the organisation, such as network firewalls, disk encryption for all hard drives, antivirus and anti-phishing software, and strong password protection.
Jacobsz says, “Customers should ask themselves the following when investing in security infrastructure and software: what do we need to protect, and why; how do we want to protect it; where is the highest risk; how do we weigh up costs versus security mitigation; is the business actually willing to invest in cybersecurity in order to protect itself; how much data do we need to protect; can we store off-site; how easy is it to manage our network security requirements; and can we outsource our network security? The question of liability, as per the looming requirements of the PoPI Act, needs to be implicit in all of these aforementioned issues.”
Against these concerns, Jacobsz clarifies that Networks Unlimited offers solutions at all stages of network security, including offerings in the realm of DDoS, advanced threats, prevention and response, next generation firewalls, next-generation deception-based tools, ransomware, phishing and Wi-Fi security. Networks Unlimited partnerships in the cybersecurity realm include the following:
- Network security and network monitoring products, to protect networks from denial of service attacks, botnets, computer worms and attacks aimed at disabling network routers.
- Unified threat management to deliver solutions that improve performance, increase protection and reduce costs.
- Comprehensive phishing defence solutions to condition users to recognise and report attacks, while working to reduce phishing-related breaches by speeding the collection and response of phishing threats in real time.
- Intelligence-driven security solutions that give clients the ability to detect, investigate and respond to advanced threats, confirm and manage threats, and prevent IP theft, fraud and cybercrime.
- Encryption, advanced key management, tokenisation and privilege control to protect and manage data, identities and intellectual property as well as meet regulatory compliance.
- Deception-based platforms which exercise deception-based detection throughout every layer of the network stack, enabling efficient detection for every threat vector, ultimately deceiving attackers into revealing themselves and thus closing the detection deficit.
Jacobsz concludes, “It can be clearly seen that we cannot define security as falling into just one area, but rather it requires attention to many areas. This brings with it the need for multiple interactions across partners and the need for seamless communication and seamless data sharing. Collaboration is most definitely on the rise, which can only be a good thing as the threat landscape itself keeps evolving in complexity.”