
Qualys calls for security alliance

By Alex Kayle, Senior portals journalist
Johannesburg, 11 Apr 2011

Vendors and academic institutions need to work together to clamp down on cyber crime.

This is according to Wolfgang Kandek, CTO for Qualys, an IT security, risk and compliance management solutions provider.

Kandek will speak at next month's ITWeb Security Summit, to be held from 10 to 12 May at the Sandton Convention Centre in Johannesburg. His presentation is entitled 'The inconvenient truth about the state of browser security'.

During the summit, Kandek will reveal the latest statistics from Qualys' ongoing research projects around security vulnerabilities and malware.

Security companies are losing the war against cyber crime, as hackers release threats at a faster rate than vendors can patch vulnerabilities.

Kandek calls for security companies and universities to work together to get the upper hand against cyber criminals. “In terms of improving research, the global security industry needs to work together and to exchange data in order to be able to react faster to new threats.”

He explains that the security community is enormous, and that each company traditionally takes a siloed approach to addressing the same issues.

“If a company looks at a problem, it only sees a part of the threat landscape. We have to collaborate with security companies from all over the world to get a bigger view of attacks. We can make much better decisions on security protection from more data.”

He says this is particularly true for SA, where a lot of local companies simply don't have the necessary financial and IT resources to run massive malware simulations and research.

“We would like to work closely with universities and other security organisations in order to improve security awareness and education.”

On whether there could be some resistance by security companies to share their data, Kandek says: “Whenever we see people and companies working together, there might be resistance in the beginning, but the value and insight that comes from it outweighs the risks.”

Kandek says: “Cyber criminals are getting smarter. It used to be relatively noticeable when a PC had been compromised by malware. The PC would run slower, and an online user would be able to detect whether a virus or Trojan had infected the system.

“But today, it's becoming more difficult for anti-virus products to detect whether a PC has been infected or not. Today's attacks leave a machine working normally, with few signs that the system has been compromised.”

He says education is critical to fight cyber crime. “Today, most attacks are deployed through known software and operating system vulnerabilities, to release zero-day attacks.

“The main vector for becoming infected used to be e-mail, but now it's through zero-day attacks and drive-by downloads. Last week, the US Postal Service Web site got hacked and started to infect users visiting the Web site with malware.

“On average, it takes a vendor around 30 days to deploy a patch after a vulnerability has been identified. More mature companies can reduce this to five days.

“We want to make people aware of the importance of patching and that their operating system is continuously updated.”

Kandek indicates that another major challenge is that mobile devices are entering and leaving the corporate network, and this makes an enterprise more vulnerable to attacks.

He says that the firewall has become outdated because mobile devices such as laptops, smartphones and tablet devices carrying important business information are not always protected by the enterprise firewall.

This makes the devices vulnerable to malware exploits, which can be used to infect the corporate network once the device is connected.

“This puts additional stress on IT administrators, and it makes patching a greater value proposition,” adds Kandek.

Kandek is a frequent speaker at security events including Black Hat, RSA Conference, InfoSecurity, IT Europe and The Open Group.
