Most pressing security threats for major companies
Cyber attack techniques change almost daily, but there are advanced solutions available to combat the most prevalent types of attacks, says Anton Jacobsz, MD of Networks Unlimited.
Anton Jacobsz, Managing Director of Networks Unlimited, distributor of Fortinet, says local enterprises are well aware of the proliferation of cyber threats facing their enterprises and their valuable data. However, too many are still unprepared to defend themselves in the face of the sheer volume and variety of malware and attack methods.
"This lack of preparedness might be attributed in part to budget constraints, to a ‘hope for the best' approach from management, or to a lack of a dedicated CISO or IT security team," says Jacobsz. "But being unprepared is risky, particularly if you look at the financial and reputational impact that breaches are having on high-profile companies around the world."
Jacobsz recommends that enterprises re-evaluate their security strategies, aiming to be proactive rather than reactive, and that they integrate into their security toolsets advanced solutions to address the most prevalent attack forms:
* Web application attacks
The most common of these are SQL injection attacks and cross-site scripting vulnerabilities in Web applications. A WAF (Web application firewall) can be used to deter or mitigate these types of attacks. Networks Unlimited notes that the Open Web Application Security Project (OWASP) is an open source application security project community that works to create freely available articles, methodologies, documentation, tools and technologies, and is an excellent resource for Web application security and information.
* Cyber espionage
Next-generation firewalls or advanced threat protection sandboxes can be used to proactively stop any attacks on network traffic by scanning for viruses and potentially malicious traffic.
* Point of sale intrusions
Meeting PCI DSS security standards is crucial for organisations that handle cardholder information. Part of these requirements is to install and maintain a firewall, protect the stored cardholder data, encrypt the transmission of the data and track and monitor network access.
* Insider misuse
* Crimeware
As in the case of insider misuse, endpoint protection and DLP solutions can be used to monitor and control online and offline user activity.
* DDOS attacks
DDOS protection solutions help you protect your Internet-facing infrastructure from threats and service disruptions by surgically removing network and application-layer DDOS attacks. You can defend your critical on-premises and cloud infrastructure from attacks while relying on sophisticated filtering technologies to allow legitimate traffic to continue to flow. These scalable, high-performance appliances deliver proven DDOS defence, and are completely interoperable with your existing security technologies and network infrastructure.
Jacobsz notes that in many cases, attacks are multi-layered, demanding a multi-layered security strategy. "Enterprises must reduce the surface for unauthorised access; step up threat prevention through advanced systems for inspection of traffic and applications; step up threat detection using intelligent tools to search for indicators of anomalies within the network; implement an effective incident response plan and introduce continuous monitoring," he advises.