Cybersecurity News South Africa

Three things African organisations need to know about the cyber security innovation race

Cyber attackers are increasingly innovative, which enhances their capacity to outpace state-of-the-art security technology. Keeping up with an ever-changing threat landscape is key to ensuring your defences are optimised in the cyber battle. There are three things you should know to ensure your IT security stays ahead of the attackers.
Paolo Campoli

1. Attacks are more sophisticated and disruptive

If enterprises aren't evolving as fast as they can, then the attacking community is going to leave them in the dust. The recent Cisco 2015 Midyear Security Report highlighted the latest threats, which include:

• The increasing exploitation of Adobe Flash vulnerabilities means that they are being regularly integrated into widely used exploit kits such as Angler and Nuclear.

• Malware authors are amplifying their use of techniques such as sandbox detection to conceal their presence on networks.

• Criminals are once again using Microsoft Office macros to deliver malware and evade security protections.

• Operators of crimeware, like ransomware, are hiring and funding professional development teams to help ensure their tactics remain profitable.

• Criminals are turning to the anonymous web network Tor and the Invisible Internet Project (I2P) to relay command-and-control communications while eluding detection.

• Some exploit kit authors are incorporating excerpts from Jane Austen's novel, Sense and Sensibility, into web landing pages so that antivirus and other security solutions are more likely to classify these pages as authentic.

It is vital that companies remain aware of these hazards and ensure they keep abreast of the latest attack innovations, as these are becoming increasingly lethal. The seriousness of this threat to South African businesses was highlighted recently in the drafting of the Cybercrimes and Cybersecurity Bill.

2. An integrated solution means faster time to detection

Time to detection is the most important metric in security; we have to see it to stop it, and the faster we see it, the faster we can manage its implications. Speed means agility and adaptability and ultimately the destruction of threats.

Detection ideally needs to be done in minutes, even seconds. However, the current industry standard of threat detection is 100 to 200 days, which means that the hackers are winning. Cisco has managed to reduce threat detection to just 46 hours, which we believe is still too long, and needs to be continually improved upon.

Faster time to detection can be enhanced by introducing an integrated solution. A patchwork quilt of security products and solutions is impossible to manage. Simplicity is key. Vendors must be vigilant in developing integrated security solutions that help organisations be proactive and align the right people, processes, and technology. Organisations face significant challenges with point product solutions and need to consider an integrated threat defense architecture that embeds security everywhere, and will enforce at any control point.

3. Turn to trustworthy solutions, products and vendors

As the security industry addresses increased fragmentation, a dynamic threat landscape, and how to cope with a rising shortfall of skilled talent, businesses must invest in effective, sustainable and trusted security solutions and professional services. The technology industry, in turn, must provide reliable and resilient products and services, and security businesses must deliver vastly improved, yet meaningfully simplified, capabilities for detecting, preventing, and recovering from attacks.

IT vendors have to up their game across their service offering to be defined as trustworthy. Companies want to buy from vendors they believe in, vendors who can prove they are transparent and who have a statement of principles that they follow. This includes everything from developing a product life cycle that has security in mind, to making sure you have a secure supply chain, to the instrumentation of products which you can test.

This year Cisco will highlight the various cyber security concerns that service providers face at AfricaCom 2015. Scheduled to take place between 17 and 19 November at the Cape Town International Convention Centre, AfricaCom promises to draw over 10,000 delegates within the technology space. With the acknowledgement that cyber security should be a top priority for all businesses, experts at the 2015 AfricaCom Conference will unpack the various threats and viable solutions to cyber-attacks in a hyper-connected world.

About Paolo Campoli

Paolo Campoli, Head of Global Service Provider Sales, Middle East and Africa at Cisco