Enterprises need proactive cyber security – can’t wait for Cyber troops to be ready for action.
The main reason why so many organizations are suffering breaches and other forms of cyber-attacks is because they’re not practicing proactive cyber security, but reactive. They only opt for a cyber-security solution after already being hit, and they usually do it wrong.
With the always-evolving threat of hacking, it is essential that the public and private sectors take a proactive cyber security approach. One attempt to accomplish this are two EU-funded projects, SHARCS and PQCRYPTO, are working to develop new security paradigms, architectures, and software to ensure our ICT systems are secure and trustworthy.
Clearly, more work needs to be done to proactively ensure the security of our online information. To mitigate threats such as FFS and others, there is an ongoing need for new testing methods, hardware certification, and adaptations of software needs. For these reasons, the SHARCS project is designing, building and demonstrating secure-by-design applications and services capable of achieving end-to-end security for users. At the same time, the PQCRYPTO project is working on cryptographic systems that are secure not only for today’s needs but also against the long-term attacks presented by quantum computers.
At the same time in the U.S., a drama started when FBI agents started contacting the DNC about its network security. The DNC received some warnings, DNC spokespersons say, but not a lot of concrete details. Eventually as previously reviewed [here], emails leaked in the DNC hack caused a large degree of unrest in the Democratic Party. DNC officials are claiming that they asked the FBI for help but were turned away. Enterprises just like the DNC need to have a proactive cyber security approach.
Many business leaders have only a vague understanding of how security threats are typically discovered and disclosed, and how the FBI works with companies. However, these protocols can have huge effects on an enterprise that’s under fire and dealing with cyber attacks. Many times companies don’t know they have been attacked until the FBI calls them… It’s imperative that businesses control their own vulnerable data – so that outsiders don’t have to get involved. Most law enforcement agencies will only get involved after a problem has become big enough to hit their radar, and by that time, it’s usually too late.
NSFOCUS, a global network, and application security provider recently said that 76% of organizations suffered a breach in the last two years. In order to protect themselves, they go for solutions which fragment and silo security efforts, only adding to the frustration. In order to properly protect themselves, organizations should automate threat intelligence, eliminate silos with integrated defenses, identify security blind spots, take an intelligent look at the network.
The fact that Cybercriminals try to gain access to protected networks from any hole that they can find created a security process that attempts to close the holes as they are found. Installing Anti-Virus protection after a virus created havoc, DDoS defenses after a DDoS attack, intrusion prevention systems, web application firewalls, and a host of other security technologies.
The different attacks led to visibility tools such as log aggregators, SIEMs, and traffic analyzers – but has proven to be a poor attempt to get a holistic look at the threat landscape. In reality, these solutions have created security silos that require specialized teams and result in a limited, expensive and ineffective approach to security. Enterprises can’t hire or employ the amount of security personnel required to protect operations.
How does an Enterprise implement Proactive Cyber Security?
There are emerging solutions to that include a suite of tools that will help provide robust network protection, not just on the perimeter, but inside of a network, with a window into daily activities to catch anomalies that can be signs of a pending or occurring attack. One example is Safe-T a cyber provider of secure data exchange and access with solutions that include self-monitoring, file sharing tools, data scanning, data encryption all this to make a company’s internal security hardy enough to keep up with the wide range of malware, virus, phishing and hacking efforts that circle the business system constantly.