BreachExchange mailing list archives

Going to war on the IT security battlefield


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 28 May 2014 19:24:19 -0600

http://www.techrepublic.com/article/going-to-war-on-the-it-security-battlefield/#

Threats are constantly evolving - some faster than others. Take for example
today's threat landscape, an ever-mutating cacophony of bad code, designed
to penetrate the most secure environments using multi-pronged attacks.

It is the nature of those unified threats that is forcing a rapid
re-engineering of security technologies. Simply put, the network edge has
become a battlefield and IT is at war. However, like any battle, success
comes from intelligence - identifying and understanding the enemy's
capabilities, motives and most importantly, their tactics.

Today's cyberthreats have changed focus from those in the past, taking on a
more targeted persona, with the ultimate goal of financial gain, in one
form or another. Whether threats come in the form of identity theft,
corporate espionage or data theft is not the key point today - all of those
elements (and many others) are under attack, forcing organizations and
individuals to innovate new protection schemes to keep data and
intellectual property secure.

The key to avoiding today's (and tomorrow's) threats is to act proactively -
in other words, remain at least one step ahead of those distributing
malware and participating in data theft or corruption. However, proactivity
can be hard to achieve, especially if management lacks the proper tools,
knowledge and most importantly, the partnerships with vendors, service
providers and security experts.

Prioritizing threats

Partnering with the right service providers and vendors allows a business
to benefit from knowledge derived from the current threat landscape and allows
managers to place priority on the appropriate protection schemes and
technologies. What's more, those partnerships can deliver insight into
compliance and other security driven practices, helping organizations to
maintain compliance and meet auditing objectives.

However, partnerships can only deliver so much insight, requiring that
effective tools are deployed - ones that can consolidate and unify security
management in a proactive fashion. For true protection, it takes a platform
that can report on the current threat landscape, identify trends and offer
predictions that can fuel remediation, before a threat is encountered. The
first step to achieving security nirvana comes in the form of completely
understanding the threat landscape.

Today, the current threat landscape consists of more targeted attacks,
especially when it comes to spam. Recent research from Cisco shows that the
volume of spam is falling, yet sophistication is increasing and moving
toward more targeted shorter runs, which are "based on world events and
particular subsets of users." Adding detail to this trend, Cisco notes that
India remains the main source of spam, with the US moving from sixth to
second; spam drops by 25% over the weekends (most likely because targets
don't check email as frequently); and 79% of spam is in English. Cisco also
notes that spammers have moved away from malicious attachments toward
malicious links, with only 3% of spam carrying an attachment.

Mobile malware increasing

Another trend is the increase in mobile malware, which grew by 2,577%
during 2012. According to Cisco, Android is the most targeted (95%). But
that still represents only 0.5% of all malware encounters, meaning that the
malware aspect of the mobile threat should not be over-hyped.

However, one must take into account the growing trend of BYOD (Bring Your
Own Device), which magnifies the mobile malware threat. Taken together
with the evolving cybercrime landscape, mobile devices may very well become
the preferred choice for intrusions into corporate resources. That
observation is most troubling, especially as the cybercrime landscape
has evolved into a set of highly specialized criminal products and services
that are able to target specific organizations, regions, and customer
profiles by using a sophisticated set of malware exploits and anonymization
systems which routinely evade present-day security controls.

That in turn has created an entire underground economy, which has been
built for the purpose of stealing, packaging, and reselling electronic
information. What's more, cyber criminals have expanded their reach into
other forms of information theft and are now selling access to private
networks.

Combating those threats (and many others) has become a major chore for most
organizations, which is unlikely to let up anytime soon. However, regular
research and understanding the dangers of the cyberthreat terrain should
prove to be beneficial allies in the war against cyber attacks. IT
managers, administrators and other stakeholders can turn to informative
sources, such as several security organizations and security product
vendors, to better understand the threat landscape and derive proactive
plans for combating threats.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 