Subscribe

Fighting the new style of cyber crime

The nature of the cyber crime landscape is shifting, says Rashmi Knowles, chief security architect in the EMEA region for RSA, the Security Division of EMC.


Johannesburg, 25 Aug 2014
Rashmi Knowles, Chief Security Architect in the EMEA region for RSA, the Security Division of EMC.
Rashmi Knowles, Chief Security Architect in the EMEA region for RSA, the Security Division of EMC.

The nature of the cyber crime landscape is shifting. No longer are the main threats related to the theft of personal details and financial information - like capturing logon credentials, identity theft and stealing credit card data. Today's most destructive breaches relate to the theft of corporate intellectual property. A dark underworld of online industrial espionage is developing below us, where careful, targeted attacks are unleashed on companies' most valuable data assets.

This is the view of Rashmi Knowles, Chief Security Architect in the EMEA region for RSA, the Security Division of EMC. She cites the example of a pharmaceutical company, for instance, that may spend tens of millions of dollars in R&D for a particular drug, only to have their information compromised and for the drug to be released in another country at low cost.

The theft of IP is something that Knowles believes is vastly under-reported in traditional media circles - as companies do their best to keep the attacks quiet. Unlike in other types of breaches (such as customer credit card details for example) there is never any statutory requirements to disclose the breaches.

"Good security always encompasses people, processes, and technology," she starts, explaining that if an organisation is weak in any of these aspects, however strong it may be in the other areas, it is vulnerable to attack.

The evolving threats see attackers using methodical background research, and highly convincing, targeted social engineering tactics that are directed at key employees in an organisation. One won't find, for instance, the poorly worded mass distribution phishing emails that have been spamming our inboxes for years now.

Knowles notes that the industries most at risk of this kind of attacks include defence, other public sector departments, financial services, and any industry that has a high-value intellectual property - such as business consultancies for example.

Vulnerabilities now hold the potential to have such a colossal impact that it's natural for IT security and IT governance to move from an IT responsibility, to a senior business leadership responsibility, at board level, she adds.

"As we transition to what we call the 'third platform of IT', where billions of users are consuming content and interacting with organisations in various, fluid ways, the nature of security changes."

In this third platform, ecosystems are connecting employees, suppliers, partners and other stakeholders to the point where the 'perimeter' is difficult to distinguish. "In reality, there is no perimeter," she notes.

"Protecting against these threats becomes a complex, ongoing challenge," she advises.

Corporations need to balance deep levels of employee awareness, with automated controls and alerts that monitor behaviour - including things like user credentials, permissions, encryption, data loss prevention policies and technologies, implementing policies around data flow, for example.

"The biggest issues are: how to train the 'human firewall'; and how to help employees recognise and prevent suspicious activities."

She says a number of companies have been highly successful in presenting security information to staff in the form of interactive, gamification tools. Organisations should present resources that help employees stay safe at home and at work.

An important trend to recognise is that attackers are increasingly targeting corporations in Africa - particularly in Anglophone countries across the continent. As security in general becomes tighter in many developed world countries and organisations, behaviour shifts to developing world.

Sophisticated attacks on organisations' IP resources on the continent is expected to accelerate in the coming years, Knowles predicts.

Knowles advises organisations to remain alert to the changing nature of cyber-crime, as they focus on the two key goals - of shrinking "dwell time" (the time between the start of an attack, and its detection) and improving the speed and effectiveness of its response to attacks.

Share

EMC

EMC Corporation is a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyse their most valuable asset - information - in a more agile, trusted and cost-efficient way. Additional information about EMC can be found at www.EMC.com.

RSA

RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organisations succeed by solving their most complex and sensitive security challenges. These challenges include managing organisational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments.

Combining business-critical controls in identity assurance, encryption and key management, SIEM, data loss prevention, continuous network monitoring and fraud protection with industry-leading eGRC capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit www.EMC.com/RSA

Editorial contacts

Maselotsha Mphahlele
FCB Redline
(011) 566 6000
Sonelia Du Preez
EMC Southern Africa
(011) 581 0033
sonelia.dupreez@emc.com