Major threats appear 'just like that'

Read time 2min 30sec
Kevin McKerr says companies are often slow to react because the decision-making process takes too long.
Kevin McKerr says companies are often slow to react because the decision-making process takes too long.

Major malware threats can appear overnight and cause serious damage to companies before they even take steps to counter them.

This is according to Kevin McKerr, security sales lead at IBM SA, who addressed delegates at ITWeb Security Summit 2015 yesterday, in Midrand. McKerr said information security specialists have many different areas to pay attention to when it comes to thwarting attacks.

These include users, databases, software, applications, mobility and other end-points. However, he said the enterprise is not nearly as flexible in dealing with threats as the cyber criminals are at developing them.

New technological capabilities come with new vulnerabilities, he said. "But how do you keep up with attacks when there is a shortage of IT security skills and rising costs to secure your data? How fast can you address an attack when your solutions aren't integrated? How easily can you articulate and demonstrate the business value that security technology brings to your organisation? Or are you left just keeping the lights on and hoping to escape the next threat?"

In addition, said McKerr, the market is fragmented when it comes to the number of vendors available, which makes it a challenge to come up with a complete technology portfolio to protect companies.

"We can't live in a world where we have to deploy a thousand different technologies just to have a cyber crime framework." He noted malware now accounts for 80% of all the losses in financial institutions and has appeared strongly on the radar in the last six months.

Slow reaction

Another issue, said McKerr, is companies are often too slow to react because the decision-making process takes too long. He notes it takes on average six to 12 months from when a threat is identified to it actually being dealt with.

Many of the problems in rolling out a solution come at the request for proposal stage, said McKerr. He has experienced instances in which the request stalled, was withdrawn and then rewritten, adding months to the process.

By comparison, malware known as Dyre has gone from zero to the top of the log when it comes to local software infections and infiltrations "just like that", said McKerr. He explained the malware, which is designed to counter anti-malware, was not seen locally and then became the top problem facing enterprises in just five months.

To deal with these sorts of issues, McKerr recommended the use of analytical software that probes an organisation's needs, strengths, capabilities and specific security target areas to develop a business case.

This, said McKerr, will speed up the process of getting defensive software into organisations.

See also