Backup Collaboration Mobile Security Storage Strategy Virtualisation

Securing the perimeter

Article Type: Strategy          Published: 01-2015         Views: 2763      



The enterprise perimeter does not exist anymore and a much more proactive approach to security is needed, says Bill Strain, CTO of cloud company iomart.

For the past fifteen years, the standard business defence against online attacks has been to deploy multiple layers of security controls. Organisations have relied on deploying security devices at specific points in the network for protection and on point solutions that look at specific threats in isolation.

But what we've been doing isn't working. Remember US retailer Target, which suffered one of the biggest data breaches in history last year when as many as 40 million customers saw their credit and debit cards become subject to potential fraud after a malware attack? Target was using Endpoint, Firewall, IPS and malware sandboxes. The sandbox detected something, sent multiple high priority alerts to the security team and the alerts got lost among all the others.

In this current era of the cloud and mobility, we now need to be thinking about defence in breadth, rather than defence in depth. These individual security devices all generate alerts, adding up to billions per year for large global organisations. This approach is a reactive and inefficient way to identify threats, and essentially gives attackers the upper hand.

A much more proactive approach to security is needed. The enterprise perimeter does not exist anymore. Corporate data resides all over the Internet at multiple third party suppliers, who provide the software and services your organisation relies on. So, more than ever you have to be reliant on the security capabilities of your partner.

It is common for service providers to have to contend with evolving DDoS attacks (Distributed Denial of Service], which have grown in size and frequency and sophistication in recent years. If successful, these can cause costly outages and affect service availability.

According to security firm Arbor Networks, which monitors more than 90Tbps of global internet traffic, DDoS activity in the UK is in line with global averages - and that's troubling. The barrier to entry for attackers has been obliterated by new tools that enable anyone with an Internet connection and a grievance to launch an attack. This is a true game changer, in terms of the threat landscape and which businesses should consider themselves as potential targets. Today, any business, for any reason, any real or perceived offence or affiliation, can become a target.

Here are some statistics from Arbor's latest report:

• In the first half of 2014, more than 38,000 DDoS attacks targeted the UK (17,359 in Q1 and 20,733 in Q2)
• The largest DDoS attack in the UK was 75Gbps
• The average DDoS attack in the UK was less than 1Gbps
• The length of DDoS attacks varied from an hour to several days (and ranged from 75Gbps to several hundred Mbps).

Managed customers need to know they are being protected to the very highest order. Rather than implementing one level of protection for an elite set of customers, we owe it to all customers to consider their security. This is where advance threat protection and pervasive network visibility can ensure your network is fully protected at its furthest outreaches.

There are very real consequences to successful cyber attacks. Targeted attacks that use malware to compromise intellectual property can have a severe impact on your business from a competitive standpoint. Increasingly, businesses are compelled to publicly disclose breaches that impact customer data; a nightmare for all involved. A successful DDoS attacks means your business is taken offline. This has the same impact to business continuity as, say, losing your electricity supply.

Page   1  2

Like this article? Click here to get the Newsletter and Magazine Free!

Email The Editor!         OR         Forward ArticleGo Top

PREVIOUS ARTICLE