Johannesburg, 10 May 2018
Stories of cyber attacks hit the news almost daily, data breaches, DDOS attacks, e-mail hacks and phishing attacks, reminders of the dangers of the Internet. Yet, somehow, all of these attacks still seem foreign, as though it would never happen to us. The reality is, South African businesses are affected by these threats. IQ Retail MD Chris Steyn knows this all too well and has seen first-hand the dramatic rise of new age threats such as ransomware.
Software company IQ Retail provides expertise in complete financial and business administration solutions, focusing on the development of business systems for the accounting and retail management environment. Since its inception in 1986, IQ Retail has grown to become one of the premium providers of innovative business solutions.
"Few businesses realise the seriousness of these threats and the damage they can have on a business," says Steyn. "The problem we have found is twofold; firstly, businesses do not have adequate security software protecting their network, and secondly, they do not have effective backups in place", continues Steyn.
He recognises these advanced threats stem from a situation in which hackers no longer need to be tech savvy, with access to ready-made malware toolkits available on the dark Web. New malware variants are created daily and many security vendors are unable to keep up. As a result, businesses are being attacked more often and cyber crime has become more profitable and easier to implement than ever before.
Speaking from his experience working with many South African businesses Steyn says, "We have noticed two week spikes in attacks that most often occur on the weekend when there are few people in the office. This puts businesses in a tough position that often leads to payment of the ransom or worse, a loss of company data"
Taking note of the shifting dynamic, IQ Retail developed a multi-layered approach, implementing security solutions at every level of their infrastructure, as well as ensuring backups are in place and procedures are being followed. Despite the company's efforts, ransomware was still able to penetrate the network.
Advanced protection
In order to prevent further breaches, Steyn and his team did extensive research into solutions offered by various vendors. They discovered that conventional AV solutions are unable to prevent zero-day Ransomware and other advanced threats from entering the network.
Steyn turned to Panda to implement a final effort to mitigate the threat of ransomware. "Through our research, we realised that Panda's Adaptive Defense 360 software is the only solution that could give us comprehensive protection. AD360 allows us to proactively manage the security on our network and track possible risk situations" says Steyn.
The solution
Steyn explains the current environment requires new generation protection solutions such as Adaptive Defense 360 that provide an Endpoint Detection and Response (EDR) service to accurately classify all running programs on your network. This means that only legitimate programs are able to run.
Panda's EDR technology model is based on three phases: continuous monitoring of applications on a company's computers and servers. Automatic analysis and correlation using machine learning on Panda's big data platform in the cloud. Finally, endpoint hardening and enforcement, blocking all suspicious or dangerous processes with notifications to alert network administrators. AD 360 combines EDR with full conventional Endpoint Protection (EPP) to deliver comprehensive protection.
Panda Security Africa Regional Manager Jeremy Matthews will speak at the ITWeb Security Summit this month, sharing his insights into how you can effectively root out advanced persistent threats with new-generation endpoint technology.
The ITWeb Security Summit is southern Africa's definitive conference and expo for information security, IT and business professionals. This year, over 70 expert speakers will deliver key insights across seven tracks, including workshops and training courses during the expanded five-day event. The ITWeb Security Summit will be staged at Vodacom World, Midrand, from 22-23 May 2018; and CTICC Cape Town on 29 May 2018. Focused and interactive workshops as well as in-depth training courses will be run in the days around the main conference and exhibition.
ITWeb Security Summit 2018
Registration is open for the ITWeb Security Summit 2018, being held in Johannesburg on 22 and 23 May and in Cape Town on 28 and 29 May. This is the must-attend annual event for information security professionals, featuring international speakers, workshops, as well as a beginners' guide to cyber security. Click here.
Share