Subscribe

The changing face of cyber defence

Kirsten Doyle
By Kirsten Doyle, ITWeb contributor.
Johannesburg, 16 Apr 2018
Martin Potgieter, co-founder and technical director of NClose
Martin Potgieter, co-founder and technical director of NClose

Information security is a burgeoning, multibillion rand industry, yet businesses across the board keep on suffering breaches. Last year, headlines about high-profile breaches littered the news, suggesting that even corporate giants with the biggest security budgets are vulnerable to attack.

ITWeb Security Summit 2018

Registration is open for the ITWeb Security Summit 2018 in Johannesburg and Cape Town. Ex-perts from around the world will be presenting, including global security expert Mikko Hypponen, who has been instrumental in uncovering and bringing down several infamous threats, and has assisted law enforcement agencies across the globe. In addition, several other top speakers will be sharing their knowledge, including Intel's Rodrigo Branco who will unpack blinded random block corruption attacks for the audience. Get involved in #SS18HACK and choose from three half-day workshops or a full-day boot camp, plus five training courses, and much more. For the agenda, click here.

#SS18HACK is open for registration - click here for more information.

To find out more and register for the ITWeb Security Summit 2018, go to: http://v2.itweb.co.za/event/itweb/security-summit-2018/?page=agendaday1

Effectively securing today's digital environments remains elusive. For decades, security vendors have pushed their products and solutions, saying this particular tool or that particular solution is the answer. It isn't. Although those statements might have been valid at some point, it is no longer the case.

According to Martin Potgieter, co-founder and technical director of NClose, 'defensive regression' is the concept that defence systems implemented today will regress and be somewhat less effective tomorrow.

He says this poses a very real threat to organisations across the board, and in the majority of cases it's too late when they realise this. Almost all breach reports will offer evidence of this. The organisation in question might have had the latest and greatest technology, but they were still compromised without detection.

However, Potgieter says defence is changing, with less reliance on vendor-produced "prevention" technologies and a move to defence engineering, which is making defending the organisation more achievable.

Defence teams are now building and designing their own detection mechanisms which are constantly evolving. "As the offensive community publishes new vulnerabilities and ways to exploit them, the defensive community is coming up with, and publishing new and creative ways to detect these methods.

"Defenders have finally caught up to and in some cases are winning this cat-and-mouse game."

He says this change has taken place over the last five years or so, and is supported by a few facts. "Firstly, a rise in the number of organisations that provide defence engineering services or capability. Secondly a rise in thought leaders in the defence space, many of which were inspiring in the offensive space years ago."

Finally, Potgieter says there is a change in how vendors are allowing and even encouraging integration of their products with other products, allowing customers to implement their own creative defence engineered solutions.

"Our work is by no means is over, attackers are well resourced and better funded than compared to a decade ago, so as defenders we will need to continue to evolve our methods," he adds.

Potgieter will be presenting on 'Defeating defensive regression', during the ITWeb Security Summit 2018, to be held at Vodacom World in Midrand, from 21 to 25 May. During his presentation, he will define the concept of defensive regression and deep dive into some of the root causes of it, as well as look at different ways to mitigate against it.

Share