Johannesburg, 15 Aug 2017
With today's ever-evolving threat landscape, organisations have been forced to invest millions into multiple security technologies such as firewalls, intrusion prevention systems, endpoint security, honeypot solutions and the like in order to reduce their risk of being breached. No company can afford to lose access to its precious data, and even fewer can afford to pay for its return should it be held hostage by ransomware.
Shailendra Harri, Business Development at CHM Vuwani, says: "Unfortunately, the resulting panic-acquisition of security solutions to defend against all manner of possible cyber-attack has resulted in a large disconnect because of companies finding themselves with an array of inherently different security solutions from various vendors. Then there's the additional challenge around visibility. Who has the resources to physically monitor several systems all day every day for potential threats?"
"The major challenge that we face is the complexity of managing different solutions for different security requirements," says Harri. "What's needed is for your different security solutions to talk to one another and to provide a single overview of the threat status of your organisation at any given moment."
In the first part of this year alone, the number of cyber attacks exploded around the world, with approximately 200 000 new malware threats being discovered on a daily basis. This can place a massive burden on smaller security teams and lead to them responding reactively instead of taking proactive measures to prevent the incidents from happening in the first place.
Three steps to cogent security
Whilst this may all sound like doom and gloom, some of the most successful security teams in the world have managed to resolve these issues to some extent using the following:
1. Artificial intelligence, behavioural analytics and machine learning
Even the most driven and enthusiastic employees eventually run out of steam during the day and rely on the coffee machine to get them through the afternoon. The strength of artificial intelligence lies in its ability to process thousands of logs every second that would take humans weeks to analyse. This could be used to gather critical relevant information that enables humans to work more efficiently and thus reduce response times to identified threats. The global average time that it takes for an organisation to detect that it's been breached is currently in excess of 200 days.
2. Correlation
Having a single pane of glass view and a log collection engine that allows scrutiny of multiple sources enables a more accurate identification of potential threats. This assists thinly spread personnel to focus their efforts on the correct areas and prioritise threat management.
3. Training
Harri says: "We often come across environments with adequate security controls in place, but the staff haven't been trained properly to react to the alerts received. With a constantly evolving threat landscape it's vital to ensure that your security personnel are constantly upskilling themselves, either through formal training and certification programmes or through continuous interaction with the industry."
Share