Menu
Menu
‘The user is today’s new corporate security perimeter’

‘The user is today’s new corporate security perimeter’

'The security perimeter in organisations is dissolving - IT and security management can no longer count on well-defined network security perimeters to protect their organisations,' according to the latest Global Threat Intelligence report.

“Security vulnerabilities are mostly related to end-user systems and not servers," according to the latest Global Threat Intelligence Report. by the NTT Group.

End users are the new organisation’s security perimeter, according to the report, which was based on more than six billion incidents worldwide in 2014.

They are increasingly using their devices both inside and outside the corporate security perimeter – thus IT and security management can no longer count on well-defined network security perimeters to protect their organisations.

“Threats targeting end users are higher than ever,” says Matthew Gyde, group executive – security for Dimension Data, which is part of the NTT Group. “Security vulnerabilities are mostly related to end-user systems and not servers.”

The research finds a massive increase in malware detections on Monday mornings. This is the time users reconnect their devices to the corporate network. “This trend supports the contention that the security perimeter in organisations is dissolving,” says Gyde.

Read more: ‘Not using cloud is just like fighting gravity’: Glenn Gore, AWS

“It appears that successful exploits occur over the weekend when end users - and their devices - are outside the security controls of the corporate network. This indicates that traditional security controls are effective at protecting the corporate network, however assets that transition between corporate and external access points are at greater risk.”

Gyde says controls that address this trend must focus on the user and their devices, regardless of location, and points out that seven of the top 10 vulnerabilities identified were on end-user systems. End users become a liability and that’s because their devices often have many unpatched vulnerabilities, he states.

Related:Bringing cyberanalytics to the frontline

Read more: Winning users’ hearts and minds

It appears that successful exploits occur over the weekend when end users - and their devices - are outside the security controls of the corporate network.

Matthew Gyde, Dimension Data

Gyde says the malware industry is maturing, with malware becoming commoditised and available through dark net marketplaces. This means the barrier to entry for cybercriminals is a minimal financial investment, but for a potentially large return.

“And this trend is not about to disappear,” he states. “As users become more accustomed to always-on, real-time access to corporate data, they also become the targets of criminals wanting those same data sources. In summary, users and their devices become the criminal’s entry point.”

The report finds attacks against business and professional services increased form 9 per cent to 15 per cent. Finance continues to be the number one targeted sector, accounting for 18 per cent of all detected attacks.

Related: The top cyber risks for NZ in an interconnected world

Send news tips and comments to divina_paredes@idg.co.nz

Follow Divina Paredes on Twitter: @divinap

Follow CIO New Zealand on Twitter:@cio_nz

Sign up for CIO newsletters for regular updates on CIO news, views and events.

Join us on Facebook.

Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the CIO New Zealand newsletter!

Error: Please check your email address.

Tags information securityuserssecuritydimension data

More about Dimension DataFacebookThreat Intelligence

Show Comments