Opinion: Why agility matters in the war against cybercrime

06 Jun 2018

Article by Endace EMEA senior director James Barrett

Business agility has long been vital for competitiveness. It drives everything from developing a customer base to capitalising on new opportunities. But as companies generate huge volumes of valuable data, the reality is that most are constrained by hardware solutions and a lack of agility, leaving few able to respond to emerging cyber threats anywhere near quickly enough.

Meanwhile, hackers’ agility remains unrivalled. Verizon’s 2015 Data Breach Investigations Report found the median time it takes for a phishing campaign message to get its first click was 82 seconds, while 60% of phishing attacks are able to compromise an organisation within minutes.

It’s proof of exactly how important agility is becoming, with evidence showing that the faster a data breach can be identified and contained, the lower the resultant costs. The 2017 IBM Cost of Data Breach Study showed a strong correlation between the speed with which an organisation can identify and contain data breaches and the financial impact of the breach. Research results showed that in 2017 the average number of days taken to identify a data breach was a staggering 191, and while the cost of data breaches varies from country to country, the average total organisational cost of a breach in the United States was, for example, $7.35 million.

Note that this number doesn’t include post-data-breach costs, including the cost to notify victims. Soon, with the advent of GDPR and other similar regulation worldwide, businesses will have a maximum 72-hour window to understand what has caused the breach, whether it has been stopped and how much data has been lost, and to inform any individual affected, from staff to shareholders. It’s enough to make a company anxious about agility.

Preparing for an unknown future

From a corporate perspective, the definition of agility is changing. It is no longer solely about responding quickly to attacks, but also about the ability to continue to evolve security capability and keep ahead of the attackers - which includes the ability to deploy new solutions or upgrade existing ones quickly.

Companies trying to defend their networks from cybercrime are finding it increasingly hard to build defences that are agile enough. This is because the majority of security solutions are still being deployed as hardware appliances, which are expensive to buy and maintain because they are often single-function or single-vendor, vertically integrated solutions.

Other issues include the time needed to deploy and configure hardware solutions: raising budget, evaluating vendors, running a proof of concept, purchasing, deploying and configuring can together take months. Due to the nature of the CapEx cycle, these products are automatically given a limited budgetary lifetime too, generally being given little more than five years before being written off.

Agility by way of virtualisation

For a business to be truly agile when it comes to security, the need to move beyond hardware is paramount. Businesses need to look to virtualisation the same way they have with datacentres, where it has helped companies to remove the overhead of managing many individual hardware-based servers. From an analytics point of view, virtualisation can do the same thing, removing the need for expensive hardware, and facilitating the delivery of analytics solutions that collect packet data.

With packet data, companies have access to the definitive evidence of breaches, suspicious activity or network performance issues. This not only helps reduce unplanned downtime, but also gives every cybersecurity team the ability to investigate a threat or a network performance issue quickly and conclusively so that they can respond appropriately.

How quickly and accurately businesses are able to respond to attacks is not a nice-to-have, but fundamental to competitiveness on a global scale and, if it isn’t number one on the boardroom agenda, it should be.
