Being proactive is the best defence: Ixia: Page 2 of 2
By Gabey Goh July 4, 2014
The problem with securing security
The average time it takes from a threat penetrating an enterprise network successfully to when internal IT staff recognise the compromise is about seven months, according to Naveen, adding that that’s a very long time to not know.
“You take that kind of data to a CIO, telling him or her that the network has been compromised for seven months and during that time, you’ve had people with cancer operating within your network and you don’t know what they’ve done – that’s the scary part.
“That’s what we tell customers, to think of it as a cancer, out to attack you at all times and your body is fighting it off as much as possible. That’s what they’re designed to do. Your networks are also built to have some resiliency but all it takes is for a few cells to ‘get through’,” he added.
Naveen said that when talking to CIOs, one thing is very clear: That spending on network security infrastructure is definitely increasing, with many projects coming up and organisations willing to spend more out of fear and uncertainty over potential breaches.
Indeed, the CSIS report projected the global market for digital forensics growing 67% from US$221 million in 2011 to US$369 million in 2013 as companies grapple with security incidents and data loss.
The market for next-generation firewalls designed to detect and block malware or exploits in network traffic showed an increase of 43% from US$2.2 billion to US$3.2 billion over the three-year period, followed by the market for security information event management systems which showed a 21.9% increase from US$1.3 billion to US$1.5 billion.
“But ask CIOs whether they are more confident about their security defences, and that has not gone up at all. The divide between spend and confidence is growing – companies are spending more money but at the same time are not sure if their networks are secure,” Naveen said.
A large part of this lack of confidence lies in many organisations being unsure about where to make their next security investment.
“They have a multiplicity of choices," Naveen said. "They can spend on firewalls or gateways, and there are many solutions available out there – but which one would make it more secure?
“Organisations need to do network audits, to check the resiliency of the network. So the things they need ... are analytics tools, to provide visibility into the entirety of their network and better inform the next dollar spent in this area,” he added.
To truly address the security problem though, Naveen said that a holistic approach must be taken, looking at technology and infrastructure first, which is where Ixia hopes to play a role. This is followed by people and education; and lastly, sound corporate security policies.
“Do we have enough cyber-ninjas or samurais with the right level of security expertise? This is a new skill and profession which didn’t exist a few years back that’s developing quickly, and organisations are increasingly going to require these skillsets,” he said.
The notion of hiring shief security officers to oversee defences is also a new development and a position currently filled in very few organisations. This is coupled with the reality that the progression of security defence build-up will happen at a different rate in different verticals, despite the problem being one that is pressing to all.
“Today’s networks can be attacked in so many different ways and cybersecurity is the only area in the world where hackers and defenders essentially have the same technology available to them. The minute hackers get better at something, the defenders step up, and this never-ending cycle repeats," said Naveen.
“The best defence in this ever-changing environment, where the only guarantee is things can get worse, is proactive measures and being vigilant,” he added.