Security

Prevention is no cure for cyber attacks

Read time 2min 10sec
The average time a company spends to detect an attacker is over 200 days, says Symantec's Antonio Forzieri.
The average time a company spends to detect an attacker is over 200 days, says Symantec's Antonio Forzieri.

IT leaders should not be focusing only on prevention to protect their company's business. Instead, their security strategy should be expanded through four phases: preparation, protection, detection and response.

So says Antonio Forzieri, EMEA cyber security practice lead at Symantec, adding the "main difficulty here is the lack of resources and skills".

Forzieri will present at ITWeb Security Summit 2015 in Johannesburg next week, where he will describe the most common attack techniques, how they were used and why the attackers were successful. He will also expand on approaches companies can follow to improve their security initiatives.

The average time a company spends to detect an attacker is over 200 days, according to market research, says Forzieri, adding often when attackers are detected, companies are unable to react effectively.

"I've seen very well-prepared customers with a very well-documented incident response plan in place, panicking during a breach simulation and not being able to clearly identify and eradicate the attacker from the environment."

He believes companies should dedicate a "considerable part of their budget to detection and response technologies/services", as well as concentrate on getting the basics right. "We have seen during investigations that 98% of breaches happen because companies keep failing on the basics: applying patches, testing their security posture and choosing strong passwords - just to name a few."

ITWeb Security Summit 2015

The 10th annual infosec event from ITWeb is a 'must-attend' experience for every IT and security professional and senior manager with business and information management responsibilities. Click here to register.

Commenting on the impact of social media, Forzieri says people tend to share much more than they should. Leveraging the amount of information available via social media plus some metadata analysis gives attackers options to compromise their targets, he adds.

"Whatever technique the attacker is using, there's a common ingredient in all of them: the human factor. Social engineering techniques are heavily adopted and customised by attackers and are extremely useful in bypassing any protection technology the target may have in place. Unfortunately, we cannot install a patch in our users, but we can train them, train them and train them."

Forzieri will join over 30 other thought leaders and subject matter experts at ITWeb Security Summit 2015, at Vodacom World, in Midrand, from 26 to 28 May. Click here to find out more and to register.

Have your say
Facebook icon
Youtube play icon