cancel
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Welcome to the new look Community! We're still upgrading and making some changes to the platform over the coming weeks! Stay tuned.

Four reasons why you may need to re-evaluate your enterprise security

Retired Employee AndrewStephanou
Retired Employee
0 0 3,087

It doesn't matter how much you spend on security technology - it may not be enough to mitigate against the new breed of advanced threats.

On-Guard-Security-Opinion-Paper.png
Download Full Opinion Paper

 

Studies by security specialist FireEye and its services division Mandiant reveal just how today's threats have evolved - and four compelling reasons why enterprises may need to re‑evaluate their security systems and processes[1]:

 

  1. Security breaches are almost inevitable. FireEye found that a large proportion of the organisations it was investigating had been breached, with at least one attacker bypassing all security layers in a six-month period.
  2. Most breaches are serious. In three-quarters of the organisations, the company discovered the perpetrators had control over the compromised systems.
  3. Many breaches are hidden and long-lasting. Mandiant found that attackers were present on victim networks for a median of 229 days before being discovered.
  4. Industrial espionage is real. The company uncovered definitive evidence that international hackers had stolen secrets from Australian companies.

 

Is your organisation already breached?

Distributed denial of service (DDoS) attacks, hacktivism, SQL injections, ransomware and zero-day attacks...the threats are becoming more sophisticated, but perhaps none more so than advanced persistent threats (APTs).

 

An APT typically attacks an enterprise over an extended period of time using multiple, highly targeted intrusion techniques. The perpetrators' aim is to gain privileged network access. So it doesn't matter if data is located in the cloud or on-site; once the attackers have infiltrated the organisation, they can quietly steal data until they're discovered - which, without the right solution, can take months.

 

Fighting the new threats

Technology on its own can no longer protect business networks and data from threats such as APTs. Of course, traditional security systems are still important to block known malware and random attacks, but guarding against targeted threats requires a combination of effective technology, security intelligence and analytics, incidence response capability, and highly skilled security specialists.

 

After all, as several recent well-publicised incidents have shown, security breaches can have a serious and ongoing impact on your organisation's reputation.

 

To learn more about how to protect your enterprise against advanced, targeted threats, see our paper On guard.

 

[1] M Trends: Beyond the Breach, Mandiant, 2014, www2.fireeye.com/fireeye-mandiant-m-trends-report.html.

Tags (2)
About the Author
Andrew joined Alphawest in 2010 as the National Security Practice Manager and more recently appointed to the role of Director of Security Centre of Excellence in Optus Business with responsibility for strategy and delivery of Security Services. Andrew has worked in the ICT industry his entire career and has held various roles within network integration organisations - focusing on areas such as ICT and information security, enterprise risk management, IT governance and compliance.
Topics