|Innovating The Next Big Thing||May 22, 2013|
Ovum: Cyber activity is keeping the CISO awake at night
Jul 10, 2012 – Andrew Kellett
The most worrying issue for C-level security professionals, and the thing that often keeps them awake at night, is the fear of the unknown. The chief information security officer (CISO) is the person in direct line of fire when security breaches occur, and given the deteriorating state of information security, taking overall responsibility for security-related issues is a perilous role.
During the last 12 months several leading organisations have admitted to serious data breaches. As a result, organizations are being advised by security industry experts that defense in depth will not keep everything safe, and that no matter how secure you think you are, all organizations are potential victims. Business organizations are being told to act as though they have already been breached. The emphasis is now on the need to identify data breaches at the earliest opportunity and deal with the impact as quickly as possible.
The CISO community recognizes that there is a clear difference between professional hackers who use stealth tactics to attack organisations in order to steal information and use it for financial gain, and “hacktivists” who target organizations because they hold a personal or idealistic grudge and want to see them held to account. Previously these groups were seen by CISOs as activists or in some cases vandals, but in the last few years they have become more organized and more focused on the levels of press coverage that successful attacks generate.
There are three distinct groups responsible for most malware attacks
The fact that cybercrime is on the increase is reflected in the views of most leading CISOs. Many believe that both criminality and malicious acts are on the rise. There is a general acceptance that three distinct groups are involved and each group has its own agenda.
Nation-state-sponsored attacks are seen as targeted, well-resourced, and well-organized. But realistically their attack methodologies don’t have to be mega-advanced with a zero-day payload to get past the baseline defenses that exist across most sectors of government and industry. The CIOs and CISOs we have spoken to accept that organizations are often breached by fairly simple approaches that only need to be advanced enough to get past a Maginot Line of static defenses, and that at state level have the support of a sponsor who is interested in the information on offer.
Traditional financially-motivated cybercriminals continue to silently hoover up sensitive business, customer, and account information in order to make a profit. These attacks are generally opportunistic, not necessarily well resourced or targeted, but often successful. Like their state-sponsored counterparts, the objective is to break in unobserved and silently go about the collection of data for as long as their presence remains undetected.
The third element is significantly different. It involves groups who are motivated by the prospect of publicity and are now organized to the extent that hacktivism is known to have stolen more data in the last year than the traditional models. CISOs accept that a kudos element remains to some hacktivist-led attacks, but recognize that this is overshadowed by the top secret information that is stolen, and then published online for the world to see.
Hacking tools are consumables but basic viruses remain a problem
Each organization faces a diverse range of security problems. Very few are unique, but at the same time it is difficult to imagine two more diverse ends of the security spectrum than the business requirement for basic antivirus protection and the latest consumer-led initiatives. Yet both continue to have a significant influence. Malware products that can form part of a malware attack can be bought online, with successful breach models consisting of a combination of social engineering and a supporting cast of pre-built malware tools. Other areas, particularly in the not-for-profit sector, continue to suffer from old-fashioned virus attacks. This happens because users share information across a variety of locations, often with insufficient antivirus software in place. This can be a user issue, as people still don’t have the security awareness required to protect the organisations they work for. In this context the problem for the CISO is about basic education issues and the struggle to get antivirus protection for the type of basic network connections that continue to be in use. For example, there are serious concerns about how long it takes these organizations and their users to do the basics such as patching and updating virus protection software.
When considering the majority of successful security attacks last year there was a common theme. Most were basic, standard SQL injection attacks that have stayed in top-ten lists for the best part of the last 15 years. Whereas some of the big players such as Microsoft have made significant security improvements, with most software products (including those developed for new mobile devices) there is little or no control.
Consumerization adds an extra degree of complexity
The consumerization of IT and the bring-your-own-device (BYOD) culture are making a lot of headlines, but for many CISOs this is just part of a larger data management issue. Consumer applications and BYOD add an extra degree of complexity, but are generally seen as just another thing to worry about. CISO concerns were more about the management of data and an inability to classify it effectively.
Most organisations struggle to identify their critical data; the supporting classification disciplines are not mature enough. It is too hard and users continue to store data on their C or D drives or personal devices, where lack of backup is also an issue. There are also said to be more problems that need to be addressed with the fixed devices in corporate networks which are assumed to be secure and well managed than with the next generation of mobile devices.
The user demand for access to corporate networks is seen as being out of line with the real need. Users demand access on a 24×7 basis, whereas in reality the business requirement only demands extended access in emergency situations. CISOs believe that if there was better access control the issue of unwanted and unwarranted access could be controlled. Potentially there could be benefits from changing from role-based access to rule-based access controls. Overall there is a belief that whatever improvements are made to the way that we approach the security problem in the future, they have to be cost justified. It isn’t worth spending significantly larger sums than we are already on fraud protection without clear business benefits.