Catalytic information technology
- 03 March, 2010 22:00
Ultimately, you cannot secure what you don’t manage. However, organisations are facing enormous internal and external challenges. They are striving to reduce costs, minimise risks and achieve near-term ROI. Meanwhile externally, malicious activity is growing at a record pace and internal data breaches are becoming more prevalent and costly.
The amount of data organisations have to deal with is growing exponentially year on year.
- The average medium-to-large organisation experiences data growth at 50 percent a year, doubling the amount of information they need to secure and manage every two years.
- Energy costs in a typical datacentre doubles every five years.
- The average storage utilisation is currently about 35 percent.
As well, the technology trends of the evolving threat landscape, the consumerisation of IT and cloud computing will impact your business – if they have not already.
Threat landscape – risks to information
While many traditional security risks are still prevalent, attackers have shifted from mass distribution of a few threats to micro-distribution of millions of distinct threats. Today, servers auto-generate new malware – unleashing individualised attacks. Every month Symantec blocks an average of more than 250 million attempted malicious code attacks. Every 30 minutes, security software stop about 200,000 attacks.
Today, visitors to the same website can each get infected with new and different pieces of malware.
And now hackers are concentrating their efforts on financial gain.
- Last year more than 90 percent of all the threats detected attempted to steal confidential information.
- 78 percent of confidential information threats exported user data.
- 76 percent used keystroke-logging to steal information such as online bank account credentials.
Reputation-based security – shifting the strategy
It no longer makes sense to focus on malware, but to focus on analysing “goodware”. Today most malware is written by attackers who are professional cyber criminals involved in organised crime.
A new, hybrid approach to virus detection and protection is necessary. Best of breed reputation-based security technology will lead the way to a safer and more secure operating environment. This marks a significant shift in the way leaders in information security and IT infrastructure management will protect computer users from cyber crime. As reputation management software restricts the introduction of “bad” software, administrators can focus less on cleaning virus infections and more on supporting business-critical initiatives.
Data Loss Prevention (DLP)
We all know that cyber attacks result in lost productivity and lost revenue, but what about internal problems?
There are three primary sources of a data breach:
- Well funded and sophisticated criminals.
- Well meaning insiders who are either careless or simply following poorly designed business processes.
- Malicious insiders who steal information for personal gain.
Most organisations lose data through theft or loss of portable devices. Theft of laptops and storage devices accounted for 48 percent of the data breaches that could lead to identity theft and for 66 percent of possible identity exposure. Employees are a growing source of risk through lost USB drives or mis-sent emails. However, some breaches are committed deliberately – a recent US survey revealed that 59 percent of employees take company information when they leave an organisation.
Businesses worldwide are losing critical data and it is costing them money. According to the Ponemon Institute, the average cost per compromised record is just under US$200. Cost per breach averages US$6.3 million in legal and PR fees – and lost business. In the past organisations responded by building higher and stronger walls, but those won’t maintain a successful business ─ decision-making depends on access to information.
New developments in workflow capabilities help businesses integrate technologies and automate processes previously done manually. We need workflows that bring together policies and DLP. If the DLP system detects information being transferred against policy, a workflow alert can inform staff of the violation or lock down the system.
Consumerisation of IT
IT is becoming ‘consumerised’ by the ongoing growth of endpoint devices. The lines between private and professional have all but disappeared – co-mingling of information on personal and corporate devices is commonplace and employees are connecting their own personal devices to the network. Many companies now allow staff to choose hardware and software based on what they need to best perform their jobs, not what the IT department decides.
Employees want to access information they need to do their jobs anywhere, anytime and from any device. As well, social networking is being embraced by organisations ─ many employees access popular social networks throughout the day.
As computing models shift and virtualisation takes on an increasingly important role, communication methods, data archiving and usage become simpler. With the threats to data within organisations becoming more persistent and sophisticated, constant innovation is necessary to stay ahead of cybercrime.
Mark Bregman is executive vice president and chief technology officer at Symantec, and is responsible for the company’s development centres in India and China.