Subscribe
About

Security strategies 'not working`

By Iain Scott, ITWeb group consulting editor
Johannesburg, 12 Jul 2004

Today`s strategies to defend networks against viruses, worms and Trojan horses are not working, says Gary Middleton, IT security specialist at Dimension Data.

Addressing the BMI-TechKnowledge/International Data Corporation African banking forum in Midrand last week, Middleton said there was a huge interest in how companies needed to comply with legislation and corporate governance requirements.

In auditing and risk management there was also a requirement to reduce business risk in order to comply to audit reports. Security was also key to customer confidence. The better the security, the higher the customer confidence.

The security market is growing, with a BMI-T survey showing that the market, worth almost R1.05 billion last year, would be worth R1.22 billion this year.

However, while network infrastructure was now more able to defend itself from attack, in 2002 the number of reported security vulnerabilities reached a record high, as did the number of reported security incidents. At the same time security product spending is also reaching record levels.

"There`s a huge increase in attacks and vulnerabilities, but also huge increases in spending. Something`s wrong," he said.

A 2003 Ernst & Young global survey found that the top security threat over the next 12 months would be major viruses or worms, with employee misconduct involving information systems coming second on the list. This was followed by distributed denial of service attack, loss of customer data privacy or confidentiality, and amateur hackers.

"The perception has shifted," Middleton said. "The main threat 18 months ago was seen as a hacker. We have found that customers have not spent money on updating their systems to cater for the new threats."

He says most organisations have implemented protection measures without a detection and response strategy, despite the fact that the technology to implement such a strategy exists.

By way of analogy, Middleton said in a home situation a security gate was the protection measure. An alarm system was a detection measure. Connecting to an armed response unit was the response aspect of security.

Malicious codes today are no longer simple, and perform multiple actions. In the first half of the year, such "blended threats" accounted for 60% of suspect code. The number of such threats was also on the increase.

Middleton says more legislation and governance rules will drive security spending in the future, particularly as IT security is a business risk issue. However, with employees factoring high on the risk scale, companies need a mixture of policy and technology to minimise the risks they face.

Share