Advertisment

'Solns and best practices can keep enterprises safe'

author-image
CIOL Bureau
Updated On
New Update

BANGALORE, INDIA: In today’s sophisticated threat landscape, traditional security controls are not enough to protect critical assets. Threats are not only growing in volume and complexity, instead with constantly evolving technologies, attack techniques are making security a moving target, exposing the enterprise to new dangers every single day. As a result, it is increasingly difficult to defend against emerging threats while providing users with unfettered access to resources. 

Advertisment

 

Business today is characterized by an unrelenting demand for real-time information; be it from employees, partners or customers. No wonder then, there are mounting pressures on businesses and IT organizations when you consider three variables:

a) the compounding amount of information that companies have to store, secure and manage

b) the increasing infrastructure complexity within the organization, and

c) the diversity of government and industry regulations with which organizations must comply.

Advertisment

In fact, most organizations today would be required to protect desktops, servers and the network, with the concept of working from anywhere and anytime — the use of smartphones, tablets and the increasing work-from-home culture is leading to a proliferation of endpoints that each organization needs to manage. This means even as there are newer and more targeted threats to secure themselves from; enterprises have a sudden surge in the number of devices that they need to protect. Besides, the increasing complexity of globalized business environment is making it important for Indian enterprises to manage IT compliance. Furthermore, endpoints are just the medium — attackers today are going after confidential information that they can exploit to bring a company down or profit from.

ALSO READ: Security Tips from Symantec

Nearly three-fourths of Indian respondents according to Symantec's latest Survey* experienced cyber attacks recently, with 72 per cent indicating that they had witnessed attacks in the past 12 months. What's worse, these attacks are having a business impact, with 92 per cent suffering losses on account of cyber attacks.

Advertisment

But they are fighting back - ongoing security efforts have paid off and the survey* revealed a 40 per cent decline in the average revenue lost due to cyber attacks, to Rs 41 lakh this year. Yet, even as Indian businesses shore up their defences, trends such as mobile devices, social media and cloud computing are posing significant challenges. Further, there is also a marked increase in the insider threat to data - from malicious employees stealing information, to negligence causing confidential data to be leaked. The dynamic nature of threats from a multitude of sources now means organizations have to effectively reduce risk and ensure data is protected at all times, no matter where it is used or stored.

Effective security helps maintain the integrity of valuable assets, enables compliance with industry regulations, and helps ensure the integrity of a trusted brand image and sustain business continuity. But providing an effective level of security requires state-of-the-art technology, experienced personnel, proven processes, and continuous threat intelligence that few organizations possess. Since many of these devices are also accessing data and applications on the cloud, it is important to have a strategy that is not limited to the physical infrastructure but also virtual environments.

Cyber-attacks are increasing in effectiveness, frequency and sophistication. The first half of 2011 witnessed several sophisticated and targeted attacks that compromised confidential information of several global businesses. Infact, according to Symantec’s Internet Security Threat Report XVI, attackers unleashed more than 286 million distinct malicious programs in 2010 that amounts to an average of nine new threats every second of every day. It is essential for organizations to integrate security tools with advanced threat prevention to deliver unmatched defense against malware for laptops, desktops and servers and reduce the administrative burden of protecting endpoints against known and unknown threats.

Advertisment

Many of these new attacks are known as Advanced Persistent Threat (APT) that is designed to penetrate even well-protected networks and stealthily communicate with an attacker. APTs can be used to passively collect passwords and IDs–or to actively allow an attacker to control or even damage remote systems. Because APTs are so hard to spot, they often infect computers for months or even years before being revealed.

A recent Ponemon Institute (Global) study commissioned by Symantec revealed that organizations across the world spent an average of USD 7.2 million in 2010 to deal with the damage caused by data breaches. The recent headline-grabbing attacks, however, show that cyber attacks can affect not only the bottom line, but also threaten the reputation of the organization.

Today’s organizations need to manage risk proactively, protecting not just the infrastructure that data resides in, but also the information itself that are dispersed across the cloud, smart devices and social media. Enterprises today require a holistic information security and management strategy in minimizing the business impact of cybersecurity issues.

Conclusion

Today, cyber-criminals have an upper hand because they can quickly customize and execute targeted attacks. Given this volatile environment, enterprises must have confidence that they are protected against both known and new cyber threats. Considering the nature of threats, a good knowledge of solutions and best methods can keep your enterprise or business trouble free.

(The author is vice president and managing director, India Product Operations, Symantec)

tech-news