The data center of the future? It’s the one CIOs don’t operate

May 22nd, 2015

Written by Niel Nickolaisen for TechTarget:

Technology is ubiquitous and it is constantly changing. Because of that, IT leaders must become really good at deciding which technology battles they should fight. For a while, the really interesting technology innovations came from the non-infrastructure side of life with things like advanced analytics, mobile apps, social, digital marketing, micro-services, data privacy, collaboration, and all manner of compelling things worth fighting for in the corporate corridors of power. In the past couple of years, really interesting innovations are happening in the world of infrastructure. These innovations include cloud orchestration tools, a wide array of cloud services, containerization, software-defined everything and hyper-converged infrastructure. I decided some time ago that if, from among all of these innovations, I have to decide which battles to fight, I am going to let someone else prosecute the infrastructure innovation battles. For me, the data center of the future is the data center that someone else innovates and operates.

Let me provide an example.

Some of my largest customers are asking me to provide them geographical segregation of their data. That means that I need to prevent some of their data from entering certain geographies. If I am operating my own data center, supporting geographical data segregation can be a nightmare. I would have to build out a data center in an acceptable geography, populate it with new hardware and route specific transactions to that data center. Even if I have virtualized my entire application stack, I would need to physically replicate my data center.

Conversely, if I use another’s data center, I create a virtual instance of my application stack and move it to a data center in a geography that is acceptable to my customers. There is still work to do, but this is much simpler and cleaner than building it out myself. Every day this type of application movement becomes even easier as the cloud orchestration tools and technologies get better and better.

When I combine using someone else’s data center with mine, using the new application container technologies, I end up with an extremely nimble, agile and responsive-to-change stack of services. And at the pace of technological change, I need all the nimbleness I can get.

Should I figure out hyper-converged infrastructure options or should I do business with a data center provider who is driving those innovations and making those decisions? Besides, what will make the biggest difference for my organization? Mastering the data center of the future or mastering advanced analytics, digital marketing, social and whatever other non-infrastructure technology advancements are coming my way? For me, I choose not to fight the data center battles.

Of course, I have to be careful in selecting the provider who will deliver my data center of the future. I should only consider someone who is exploring and experimenting with the new and evolving infrastructure technologies. Someone with a track record of flawless delivery of data center services. Someone who, every day, achieves operational excellence and continuous improvement.

In managing all of the things on my technology plate, it makes sense to me to let someone else be the master of data center management and innovation.

Cyber attackers show ingenuity in first quarter of 2015, report shows

May 21st, 2015

Written by Warwick Ashford, for Computer Weekly:

A combination of newer and older threat variations defined the cyber security landscape in the first quarter of 2015, according to the latest report from Trend Micro.

The Re-emerging threats challenge trust in supply chains and best practices report highlights malvertising, zero-day vulnerability exploitation, macro malware and the Freak vulnerability.

Researchers said exploit kits grew in sophistication and added new exploits to their arsenals, increasing their appeal to expert and novice attackers.

They also found that old threats are being reinvigorated with new targeted attack tools, tactics and procedures. For example, those behind Operation Pawn Storm set their sights on new targets, proving that targeted attacks are evolving.

Another trend identified by the report is the shift in focus of crypto-ransomware from consumers to target enterprises.

The resurgence of macro malware suggest cyber criminals are taking advantage of user security complacency, through reliance on sofware defaults, the researchers said.

The start of 2015 also saw the decade-old Freak vulnerability cause patch management challenges. As more vulnerabilities emerge in open-source operating systems and applications, researchers said IT administrators will find it increasingly difficult to mitigate risks.

”From an industry perspective, healthcare and retail point-of-sale systems have seen an uptick in threat activity,” said Trend Micro chief technology officer Raimund Genes.

Major healthcare service providers, such as Premera Blue Cross and Anthem, suffered data breaches in the first quarter of 2015 that exposed millions of customers’ financial and medical data.

“The report reinforces how complacency can present major cyber security risks in an era where the margin for error has been significantly diminished,” he said.

Tech users assailed from all angles

2015 is shaping up to be noteworthy in terms of volume, ingenuity and sophistication of attacks, said Genes.

“The rise in attacks against the healthcare industry, combined with the rise in malvertisements, reflects that technology users are being assailed from all angles,” he said.

According to Trend Micro, businesses and individuals alike need to be proactive in protecting against threats.

Genes said an aggressive and different security posture is critical to keep financial, personal and intellectual property safe.

According to the report, adware topped the list of mobile threats, with Trend Micro now documenting more than five million Android threats to date.

Trend Micro researchers also found zero-day exploits targeting Adobe software usedh malvertisements and no longer required victims to visit or interact with malicious sites to become infected.

The researchers found that iOS and point-of-sale systems continue to be targeted, but considering exploitations in these areas have been in their infancy for several years, researchers believe this rise is primarily due to a lack of preparedness that can be addressed

Businesses and individuals need to ask if they are doing enough to protect themselves from security threats, said Genes.

“While we need to constantly update our systems to protect against new attacks, the first quarter of 2015 clearly showed we need to also watch out for older threats, and how no industry or system should feel exempt,” he said.

20% of security professionals say their company has hidden or covered up a breach

May 20th, 2015

Written by Lewis Morgan, for IT Governance USA:

There are many reasons that an organization would want to cover up a data breach, including avoiding heavy fines, reputational damage and loss of customers.

It’s therefore unsurprising that 20% of respondents to a recent AlienVault survey have witnessed a company hide a breach.

The survey – ‘Ethics, Security and Getting the Job Done’ – was conducted by AlienVault at this year’s RSA conference in San Francisco and surveyed over 1000 people.

Other key findings from the survey:

  • Over half of security professionals utilize hacker forums or associate with blacklist to keep abreast of the latest threats and technologies.
  • Most believe the CISO (chief information security officer) should be ultimately accountable for breaches.
  • Security breaches are used as leverage to increase security budgets.

Javaad Malik, AlienVault security advocate and author of the report, said in a brief about his findings:

“Many companies are realizing that being breached or suffering an incident is the part of the cost of business – however, when the inevitable does occur, the security teams still find themselves under considerable pressure which can contribute to breaches being hidden or vulnerabilities ignored.

“It provides a glimpse into the struggles of professionals working in a very young industry that has been thrust into the forefront of business, politics and media.”

Javaad is right. The last couple years have seen the number of data breaches explode, and we’ve seen many organizations stuck in the thick of it with little preparation. It’s very rare that a data breach occurs and the media covers it by saying, “They were breached, but they handled it really well” and that’s because very few know how to handle it – which may prove to be the reason that 20% chose not to handle it.

Smaller but not unnoticed

May 19th, 2015

Written by Fleur Doidge for CRN:

If SMB customers think they’re not potential targets for hackers or other malicious attackers, they’re mistaken.

Craig Stewart, EMEA vice president at cloud security specialist Zscaler, agrees. They can also become indirect targets when an attacker is aiming for larger or more prominent companies that are customers, partners or suppliers to the SMB, or caught up in a scattergun-type attack.

“I think we’re seeing a lot more smaller businesses outsourcing significant parts of their activities, whether that is email or their invoicing [for example],” he adds. “Edward Snowden wasn’t an employee – he was a contractor.”

Security itself is increasingly outsourced, while it remains easy for attackers to spoof websites and even produce convincing-looking paperwork to back up spurious online transactions. Almost any company can fall prey to ransomware, man-in-the-middle, phishing or honeypot strategies.

“A lot of these strategies probably work better on SMEs,” Stewart says. “BP, Shell, Lloyds, and firms of that size are not going to pay in a CryptoLocker-type ransomware attack. But smaller businesses just might.”

Stewart says we have reached a point, though, where more SMB-focused security products and services are emerging.

In the meantime, the key is not only in educating smaller businesses about the real and evolving risk from malicious attack, but in helping them understand where their own business fits in relation to that risk, in order to choose and deploy something that might protect what’s most important to them.

Rahul Kashyap, chief security architect at security vendor Bromium, notes that classic anti-virus cannot bring back encrypted, locked files in the event of a ransomware attack.

“We only expect this trend to continue because it is so effective,” he says.

“It highlights the importance of best practices, such as end-point protection and external data backups. Often when you are hit with ransomware it is impossible to get your files back because the payment processing may fail or the encryption keys may not work – not to mention the danger of providing your credit card number to these attackers.”

Tim ‘TK’ Keanini, chief technology officer at Lancope, agrees, noting that there is a long-tail dynamic in cybercrime, with more and more categories of customer becoming affected as time goes on. And of course if one point on a supply chain is attacked, the rest of the supply chain can also be affected.

“It really is everybody’s problem,” he says. “And there are so many dimensions to it now.”

This obviously may relate to cloud and mobility, but in addition, for example, physical security may be an important component of the whole solution, Keanini indicated.

Depending on the company, CCTV and practices such as clean-desk policies might be needed as part of an integrated, holistic security approach, especially if there is genuine concern about systems potentially being vulnerable to unauthorised visitors or intruders on-site.

Dan Sibille, vice president of channels at Lancope, confirms that all this means that the seam of potential reward for the channel is certainly worthy of mining. Crucially, medium-sized firms as well as smaller ones are in need of education and training to assist them to understand and apply security technologies.

“There’s a huge opportunity for partners to go in – to offer that value and services around it, putting something together that’s cost-effective for customers,” he says. “And it’s not just about the technical issues.”

Dave Ellis, director of strategy and new products at Arrow ECS, warns that SMBs may be even more vulnerable to cyberattack than larger firms, and not just because they tend to lack the resources and expertise – not to mention the processes and procedures – to protect themselves.

“It’s not that they’re necessarily going to be singled out by a targeted attack, or a hacker who wants to gain credibility, but a lot of attack vectors these days are very broad-based, and many are automated. They’re not really picky about who they target,” he says.

“And smaller companies are more at risk because of that.”

SMBs that are more reliant on their IT infrastructure are, ipso facto, more vulnerable and should consider their situation in detail and take steps to protect themselves, including contingency plans in the event of a breach.

And the need for better staff education is high: “It’s important that users know not to open certain kinds of emails or attachments. Not just setting policy, but ensuring that policy is followed.”

Anti-virus, firewalling, web filtering, intrusion prevention, and other standard security tools will all be required at a basic level. But this will not be enough for a significant proportion of SMB customers, and they will need guidance on deploying cost-effective security that works for them, Ellis reiterates.

“A good way for resellers to get in is to do a health check, or some vulnerability testing,” says Ellis.

Automated or semi-automated tools are available to perform such tests – meaning non-security specialists can get in on the action as well.

Jon Brooks, leader of the financial and executive risks practice at insurer Willis, says the government’s Cyber Essentials guide, released on 5 June (2014), is a good starting point for SMB education.

SMBs must consider the risk in full, the ramifications and the potential liabilities – not only may partners or customers seek redress in the event of a breach, but their long-term standing in terms of reputation and valued supplier status can be at risk. And then there’s the cost of downtime.

“Cyber Essentials at least allows UK businesses to have a common understanding of what that basic level of protection is,” he says.

Cyber Essentials, however, doesn’t refer to mobile phones and other gadgets – all of which need to be considered in an effective SMB security offering. Mobility has definitely increased the risk, notes Brooks.
“There are lots of issues there, and lots of education required. And there’s basic human error,” he adds.

“I think the supply chain risk is misunderstood.”

He points out that the theft of 70 million customer records, including names, addresses, emails and phone numbers from the records of US retailer Target, is believed to have come via its air-conditioning company, FSM – which had itself been attacked.

The security question hasn’t become any easier to answer, for any size of firm. A FireEye study of real-world data collected from 1,216 organisations across the globe, from October 2013 to March 2014, found that 97 per cent had been breached, with all methods of protection being circumvented.

“No corner of the world is remote enough to avoid falling into attackers’ crosshairs, and current defences are stopping virtually none of them,” FireEye wrote in the resulting report.

“Three-fourths of the systems observed in our tests had active command-and-control (CnC) sessions taking place. These systems weren’t just compromised; they were being actively used by an attacker for activities that could include exfiltrating data.”

FireEye’s cross-industry sample reflected a broad range of attackers, techniques, and motives.

The range of security tools used in the FireEye tests – leading-vendor firewalls, intrusion detection and prevention systems, web proxies, network anti-virus, end-point anti-virus, and other anti-malware tools – failed to prevent at least 208,184 malware downloads, including 124,289 unique malware variants.

A quality answer to the undoubted need for security from malicious attacks may be likely to involve combination, dynamic offerings geared to specific requirements.

One thing is for sure: SMBs, like other organisations, will keep needing the channel to help them discover the best solutions for them.

Ovum urges service providers to get serious about cloud security

May 19th, 2015

Written by Caroline Donnelly for Computer Weekly:

Security remains the biggest barrier to cloud adoption in the enterprise, with in-house skills gaps making it harder for organisations to securely manage their own infrastructure. That’s one of the main findings of Ovum’s report – The Role of Security in Cloud Adoption within the Enterprise – in which the analyst house raised concerns about the number of cloud providers who treat security as an afterthought when building their services.

Despite this, the report – authored by Ovum principal analyst Andrew Kellett – claimed 80% of enterprises are now using some form of cloud technology, but concerns about compliance, security and data protection persist for many.

“The most commonly expressed cloud security concerns revolve around the lack of visibility into the data protection measures employed by service providers,” the report said.

“There is the potential for other users of shared cloud services to gain access to their data, and a lack of ability to control where a service provider chooses to locate their data.”

Providers must do more to demonstrate to users that their services have been built from the ground up so that all these areas are addressed, said Ovum.

Security positioned as an afterthought

“Service providers can no longer afford to position the security and compliance requirements of their clients as optional extras to their core business services,” the report said.

“On too many occasions, security has been positioned as an afterthought when new technology initiatives have been brought to market. Any service that includes access via public networks cannot ignore user and data protection requirements.

“A growing number of SaaS-based cloud service providers are building out their security positions, but many still look as though security was an afterthought, and any security or compliance components that are included are bolted on extras.”

Enterprises rely on providers for security skills

Given the dearth of IT workers with skills in cloud security, many enterprises look to providers to plug the gap – putting pressure on them to put their houses in order.

“This is a situation that has developed over several years and has now reached an acutely serious stage where many organisations now lack the skilled practitioners needed to maintain their own in-house operations and keep data safe,” Kellett wrote.

“One option is to outsource security to a specialist managed security services provider. Another involves obtaining the required security services as part of an integrated package when working with a cloud-based managed services provider that already offers security and compliance as an in-built part of its overall management and service delivery offering.”

Shop about for cloud data protection

Cloud security supplier Firehost endorsed the report’s findings. Firehost’s Europe vice-president Eleri Gibbon urged users to shop around if their chosen provider falls short on data protection.

“In today’s business climate, cloud service providers need to demonstrate their commitment to improving IT security,” she said.

“Likewise, customers need to look elsewhere if their current provider doesn’t meet their needs. Security-conscious industries in particular – such as the retail, payments and finance sectors – should seriously consider the use of secure, specialist cloud solutions to ensure the protection of their sensitive and extremely valuable data.”

Executives fear domino effect of cyber attacks, study shows

May 19th, 2015

Written by Warwick Ashford for Computer Weekly:

More than half of US top executives fear not only serious disruption of their own operations, but also the impact of cyber attacks on national infrastructure, a study has revealed.Most of the C-level professionals surveyed by security firm RedSeal believe a co-ordinated assault launched by sophisticated cyber criminals could wreak ongoing havoc on business operations, cause considerable harm to a brand, and potentially affect related companies or even entire industries.Many also said that in the networked economy, containing the problems caused by a sustained network attack will be very difficult. They fear that a major network disruption at a single company or network could disrupt infrastructure at a local, national and even global level.

“As this research makes clear, securing the network infrastructure to ensure ongoing business operations is not an abstract concern – it’s a vital issue because a successful attack will have devastating and even far-reaching consequences,” said RedSeal chairman and CEO Ray Rothrock.

“A co-ordinated, sophisticated and large-scale assault will not stay within the walls of the company being attacked. It could easily trigger a domino effect and cause widespread disruption, reaching companies in other sectors and even the national grid,” he said.

The survey of more than 350 C-level executives, including CISOs, showed 74% acknowledge that cyber attacks on networks of organisations can cause “serious damage or disruption”, and 21% admit to fears of “significant damage or disruption”. Almost 80% said such attacks could inflict “serious impacts to business profitability and growth”, and bring about “serious brand damage”, while 45% were also concerned that such attacks could lead to a “big hit on employee productivity”. More than 43% predict business downtime, while more than 41% fear “internal/organisational disruption or chaos”.

Asked what other areas might be affected by the “resulting ripple effects of cyber attacks on one network”, 64% cited “further business-related security vulnerabilities”. More than half (56%) went further, citing “national vulnerabilities”, and 59% agreed with the possibility of a security domino effect. More than half the respondents (52%) singled out “defence systems” as being potentially affected by a cyber criminal incident or data breach, while 45% cited “border security”, and 59% said such attacks could affect “economic security”.

Major network attack would have national significance

According to respondents, the most important sectors of the economy could be affected, including finance, energy, government, critical infrastructure and healthcare.

“What this survey rightly highlights is that in a hyper-networked economy, where most networks are inextricably linked to each other, a major network attack will be very difficult to isolate,” said founder of security analyst firm IT-Harvest, Richard Stiennon.

“This isn’t an IT or even a basic operational issue – it has national significance, and should be managed accordingly,” he said.

In February 2015, national intelligence director James Clapper said cyber attacks by politically and criminally motivated actors top the list of threats facing the US.

“Cyber threats to US national and economic security are increasing in frequency, scale, sophistication and severity of impact,” he said in an annual threat assessment delivered to Congress.

Clapper said US intelligence expects an ongoing series of low to moderate-level cyber attacks from a variety of sources over time that will have a cumulative cost on the US economy and national security.

In 2011, the UK unveiled its UK Cyber Security Strategy after cyber security was listed as one of the top national security threats against the UK in the 2010 security strategy review.

Halting cyber crime could have a positive impact on the global economy, according to Intel Security Europe security researcher and CTO Raj Samani.

“Some estimates put the cost of cyber crime to the global economy at more than $445bn, but the true cost is far greater as many countries do not report on this,” he told a NEDForum summit in London in February 2015.

The IoT industry needs to do more to secure data, says Beecham Research

May 19th, 2015

Written by Warwick Ashford for Computer Weekly:

There are key areas where the industry supporting the internet of things (IoT) needs to provide better security, according to Beecham Research.

The key areas where external or internal attacks may originate and need to be addressed by the fast-growing IoT industry are shown on Beecham’s IoT security threat map.

“The only reason we have not seen serious IoT breaches already is because the IoT has not yet been deployed in large-scale consumer or enterprise applications that make them attractive to attackers,” said Beecham Research technology director Jon Howes.

“Traditional machine-to-machine [M2M] applications are typically very focused, using specific edge devices, a single network and custom platform, making it relatively easy for security professionals to secure to the acceptable level,” he said.

However, Howes said IoT cuts across different sectors and embraces multiple devices and networks – from satellite to cellular – along with a growing number of IoT platforms and big data systems, which presents threats on many different levels and fronts.

“Wherever there is a new interface between devices, networks, platforms and users, there is the potential for a new weak link,” he said.

Without concerted action now, Howes believes the proliferation of different devices, networks, platforms and applications to support the IoT multiplies the vulnerabilities and greatly increases the potential for malicious attacks.

Beecham’s IoT security threat map points to a number of specific internal and external threats inherent in the IoT ecosystem.

With sensors and devices, researchers believe the challenge is largely around identification, authentication and authorisation, to ensure a level of trust and avoid risks such as application hijacking.

There is also the threat of physical intrusion. “Using differential power analysis, it is well known that by listening to very small changes in power consumption when different calculations are performed in a chip, it is possible to work out an encryption key,” said Howes.

The threat map shows that the main threat at the network level comes at the interface between different types of network.

“With a mix of fixed, satellite, cellular and low-power wireless networks, as well as personal and body area networks, the challenge is to secure the transfer of multiple streams of data between selected networks without exposure of key secrets or equipment control,” said Howes.

According to Beecham, with more than 100 organisations now offering IoT platform systems, combined with the growth of big data and cloud-based technologies across multiple market sectors, this is where most attacks will be focused.

“The benefits of IoT by definition rely on lots of data with high levels of searchability and analysis, but this also means the data must exist in plain text, which presents multiple threats – not least from insider attacks from sysadmins and authorised users,” said Howes.

No co-ordinated approach to securing IoT

Beecham Research believes that while work is going on to secure different parts of the IoT, there is no co-ordinated approach.

“We talk about the need for a deep root of trust in security and this is even more critical in a complex, connected IoT ecosystem,” said Howes.

“This starts at device level with sensors and microcontrollers, and continues through the networks, platforms and into the cloud. It’s a massive jigsaw and every piece has to deliver a level of trust to ensure end-to-end security and integrity.”

Beecham Research CEO Robin Duke-Woolley said security of the IoT is “significantly” more complex than existing M2M applications or traditional enterprise networks.

“Data must be protected within the system, in transit or at rest, and significant evolution is required in the identification, authentication and authorisation of devices and people,” he said.

Duke-Woolley added that there also needs to be recognition that some devices in the field will be compromised or simply fail.

“There needs to be an efficient method of secure remote remediation – yet another challenge if the IoT is to live up to expectations,” he said.

In September 2014, a Beecham Research report called on industry to act on security for the IoT before it is too late.

The report revealed there were insufficient security capabilities in the emerging IoT standards to manage the long lifecycles expected in many IoT devices, such as heating systems.

In February 2015, another Beecham report said security and data management for the IoT is a big value-add revenue opportunity for service providers.

The report predicted that revenues from device authentication, device management, data management, billing and security will exceed $3bn by 2020.

Out of these, Beecham said security and data management services are expected to generate around $1.8bn alone.

 

Third of IT spending to go on cloud this year – IDC

May 7th, 2015

Written by Hannah Web for CRN:

A third of all IT infrastructure spending will go on cloud by the end of this year as spending on the technology is expected to jump by more than a fifth, according to IDC.

By the end of 2015, total cloud spending globally will jump by 21 per cent annually to $32bn (£21.27bn), accounting for a third of all IT spend. Last year, cloud made up just 28 per cent of total IT spending, IDC said.

Spending on private cloud will jump 16 per cent annually to $12bn and public cloud spending will rocket by a quarter to $21bn.

The fastest rate of growth in cloud spending will come from western Europe, where it will rocket 32 per cent annually this year. The growth in Latin America and Japan will hit 23 per cent and 22 per cent respectively, while in the US, cloud spending will enjoy a 21 per cent boost over the same period.

IDC said cloud will continue to be the must-have technology in the near future.

“The pace of adoption of cloud-based platforms will not abate for quite some time, resulting in cloud IT infrastructure expansion continuing to outpace the growth of the overall IT infrastructure market for the foreseeable future,” said IDC research manager Kuba Stolarski.

“As the market evolves into deploying third-platform solutions and developing next-gen software, organisations of all types and sizes will discover that traditional approaches to IT management will increasingly fall short of the simplicity, flexibility, and extensibility requirements that form the core of cloud solutions.”

Think server vulns are the IT department’s problem? Think again

May 6th, 2015

Written by Theresa Miller for The Register:

Regardless of the type or size of business you’re part of, the way we approach security has changed forever.

Gone are the days that a business can feel safe with its security design model. Attacks have become more sophisticated.

Your organization should no longer be thinking about “if” an attack will happen, but be planning for “when”.

The question is therefore, how this changes the scope of our organizational security strategy.

You need to look at the policies, procedures and tools needed to ensure your response is rapid and correct while also covering the steps that can be taken to start closing security gaps within your organization, and learning why security breaches are inevitable.

Only recently we’ve had two high-profile examples of security attack – Sony and Anthem (the latter is second-largest health insurance provider in the US).

Sony suffered a series of attacks that saw the firm have to take core business systems offline to isolate itself from outside intrusion, although not before Sony suffered an embarrassing loss of data. Unreleased films and confidential emails were leaked to the web, and employee data stolen.

Anthem saw 88.8 million private medical records pilfered from its servers while it’s emerged the firm turned down an offer from the US government to audit its computer security.

In both cases, the best response firms could offer employees and customers was free identity protection services as a follow up.

The message here is simple: security needs to part of a combined business and public relations (PR) playbook. The security team within your IT department cannot standalone, and the way information is shared with customers and employees can destroy an organizations’ reputation if not done well.

Rethinking your approach and taking action can help significantly. Here are some strategic guidelines that can be used to protect your organizational employees and customers.

  • Keep up with regular patching and system maintenance: Symantec reckons we can eliminate 80 per cent of vulnerabilities just by patching servers and workstations routinely. This includes updates anything and everything software related that your organization uses that patches have been issued for by the vendor. That leaves the remaining 20 per cent of vulnerabilities that you can also fix.
  • Security checks with penetration testing twice a year: Routing checks that include penetration testing with third-party providers, you can help find security loopholes that need resolution. Even more importantly though, do not just sit on this information. Remediate the issues found.
  • Retire the really old legacy systems: If your organization is running old equipment that is not being updated or maintained, it’s time to figure out how to get that replaced. Legacy systems typically are highly vulnerable to today’s sophisticated attacks.
  • Have excellent backups, and backups of the backups: Modern-day attacks can even destroy your backups. By having a solid backup strategy in place it can help you restore your business under even the worst security violation. For example, Cryptolocker malware is a common piece of malware that has been able to destroy organizational backups.
  • Use more than one technology: A single vendor cannot cover everything and represents a weak link in your security chain.
  • PR and business planning: Develop a playbook with the appropriate legal and public relations folks so you have the correct response if, and when, something happens. Depending on your size, you’ll have anything from one individual to a department and/or external resources you can draw on.

While this might seem like the stuff of the big boys, small and medium-sized companies can look after themselves, too. Here are some recommendations:

  • Protect your PCs: Invest in one or two pieces of really good virus/malware protection software for your and do regular system scans.
  • If you’re hosting, chose a reputable service provider: That means somebody who keeps their back-end system updated and offer you the latest and greatest protection.
  • Good backups of data: Even a small business can take what is a simple step.
  • PR and business planning: This may depend on your size. At least have a legal representative start this conversation and develop a response plan that you can offer customers. On the communications side, developing a formal statement and response you can tear open will help reputation.

Now is the time to take a close look at you protection strategy and to ramp up. Falling short on your overall response, not just on the IT and cyber side, could risk the future success and reputation of your business.

UK firms taking two weeks to detect advanced threats

May 5th, 2015

By Doug Woodburn of CRN

A quarter of UK respondents to Intel Security-backed survey admit it took them more than a fortnight to identify an advanced attack last year
A quarter of UK businesses took more than two weeks to discover they were suffering an advanced cyberattack in 2014.

That’s one of the findings of a survey commissioned by Intel Security which quizzed IT and security professionals at 700 mid-market and enterprise businesses in the UK and Europe, as well as the Americas and Asia.

On average, respondents indicated that their firms conducted 78 security investigations last year, 28 per cent of which were focused on targeted attacks.

Some 25 per cent of those questioned said it took more than a fortnight to detect they were suffering an advanced cyberthreat last year.

The figure was similar for other countries, standing at 25 per cent in France and 35 per cent in the US.

For 39 per cent of respondents, a threat, once discovered, took between two and 12 weeks to remove and remediate.

Raj Samani, EMEA CTO at Intel Security, claimed end users have a “golden hour” in which to detect and deflect an attack if they are to minimise damage to their organisation.

“It’s worrying to see that companies in the UK and globally are losing out on critical time in the initial onset of an attack – when immediate action is crucial,” he said.

“Hackers don’t hang around; as soon as they identify a vulnerability within a corporate network, they will be working to spread this as far as possible throughout the enterprise, wreaking havoc and compromising data along the way.”

Some 78 per cent of UK respondents said a lack of communication between their firm’s security tools could be slowing down its ability to react to cyberthreats, according to the survey, which was carried out by the Enterprise Strategy Group.

Some 39 per cent said they are in need of better automated analytics from their security intelligence tools to gain better security visibility. Meanwhile, 80 per cent believed their organisation suffers from a shortage of IT security skills among staff.

 

Qube is a managed services provider operating Datacentres on a global basis. We offer a broad range of IT services from simple co-location to fully managed virtual data centres always with a primary focus on IT security and compliance. We are independent and therefore able to provide the best solution for our customers yet partner with high performance vendors such as Hitachi, VMWare, IBM (Softlayer), Colt, Corero, and Level 3. Our highly experienced team offers Enterprise grade levels of IT management allowing you to focus on your core business safe in the knowledge that your IT environment is secure and compliant.