ENISA, the EU’s cyber security agency, this week released the 2013 version of its annual threat landscape report. The report highlights the top threats of 2013, identifies emerging threats and details open issues, such as the fact that end users lack basic security knowledge; the need for greater coordination of information collection, analysis, assessment and validation of data, and the importance of increasing the speed of threat assessment and dissemination.
As has been the trend this year, this report once again exposes the fact that not enough is being done by businesses to protect themselves from the extensive range of cyber threats they face today. The fact that one of the open issues relates to a lack of knowledge among end-users worries me – because by now, every organization should be educating their employees on IT security best practices. Barely a day goes by without reports of some form of cyber attack taking place and organizations really need to sit up straight and learn from past mistakes as we prepare to enter a new year.
Too many organizations are still over-reliant on traditional security tools, such as anti-virus, but it is a proven fact that these cannot combat the myriad of techniques being constantly developed by hackers. Instead, businesses should be making a point of actively protecting their networks as after all, it’s them that will suffer the consequences of a successful data breach – both financial and reputational. What is more, as ENISA points out, far more knowledge sharing is required if we are going to be successful at beating cyber criminals, as only once all the pieces of information are combined and put into context can we gain true intelligence.
The only way to overcome these issues is by having constant 360 degree visibility into any activity taking place on the IT network. Such granular insight allows any anomalous activity to be identified in real time and remediated immediately – rather than after the damage has been done. Taking this approach will also provide organizations with vast amounts of information that can be forensically analyzed in order to understand the context of the threat in greater detail. There is no doubt that we need to work together to fight this battle, if we fail to do so, mistakes will only be repeated and the open issues will never be resolved.
none | Uncategorized