Subscribe

New security strategies are needed


Johannesburg, 03 Oct 2005

In the second quarter of 2005 there was a 300% quarter-on-quarter increase in security incidents involving compromised bot machines - PCs that play unwitting host to "zombie" code.

This is according to McAfee, who focus on intrusion prevention. The company reports that incidents involving the malicious code, also known as "bot" code, reached 13 000 from April through June Q2. That is quadruple the number tracked by the company in the previous three months.

In fact, McAfee estimates that 63% more machines were exploited by bot programs and spyware than by adware in the first six months of this year than in the whole of last year.

The challenge for business today, according to Greg Day, security analyst at McAfee, is that more and more infections are occurring even though companies use up-to-date anti-virus software.

"Anti-virus updating, in most instances, is just a reactive process. With the speed of attacks escalating daily, the ever-increasing number of rogue users, third party connections to a company`s infrastructure and more portable users than ever before, it has become critical for companies to protect the business against the methods and not only the attacks," says Day.

The key, according Day, is a proactive and priority-based approach to risk management. "If over 95% of network attacks are targeted against known vulnerabilities and mis-configurations, then the goal of the organisation should be to proactively find and reduce the number of severe vulnerabilities across the network to measurably and tangibly reduce risk - in a way that simplifies, not complicates.

"Enterprise resources are limited so by focusing on the most important assets, vulnerabilities and threats first, the enterprise can direct resources where they`ll have the greatest return while improving the security health of the organisation."

This process of mitigating risk by carefully balancing asset value, vulnerability severity and threat criticality is the focus of McAfee`s Live Attack road show from 18 to 20 October.

During the road show, Day plans to demonstrate the weaknesses of current solutions. By using some of the most critical network worms and mass mailer attacks of 2005 in a live demonstration, he will illustrate the extent to which organisations are being compromised on a daily basis.

"In the end, an effective security strategy starts with understanding what`s important to the organisation. But it also requires an understanding of today`s attacker, their motives and methods and how they could impact the business, as well as knowing what protection methodologies are available and how to apply them to the enterprise," Day concludes.

About the road show

The Live Attack road show, hosted by McAfee and ITWeb, takes place in Johannesburg (18 October), Cape Town (19 October) and Durban (20 October). To register, go to http://www.itweb.co.za/events/mcafeeroadshow/2005/default.asp or contact Denise on (011) 807-3294 or by e-mail at denise@itweb.co.za.

Share