It should not be a surprise to network owners that there is a marked rise in the number and complexity of cyber threats and targeted cyber attacks. The bad guys have gotten smarter, have more money to spend, and are better equipped than before. Those of us trying to defend the IT fortress with aging perimeter defenses see this well-equipped enemy on the rise. We are seeing more frequent and highly targeted attacks, resulting in greater financial and brand damage to businesses and intelligence agencies worldwide. There is also a more noticeable diversity in the key motivations behind these attacks. Script kiddies are all grown up: hacktivism, cyber crime (focusing primarily on financial gain), cyber espionage and cyber warfare (state sponsored) are the order of the day.
The good news is that we are seeing an influx of technology innovation and solutions focused on network visibility, big data visibility, and security. Just taking a look at the Hot Security picks for 2013 and 2014, we already see emerging solutions aimed at addressing challenges around cyber-security and Big Data security analytics.
We are also seeing more collaboration between intelligence agencies, i.e. ISCA Council, as well as partnerships between government, innovators and investors led by organizations like Security Innovation Network (SINET).
However, IT security organizations worldwide, whether big enterprise, government or SMB, still face some major challenges despite a healthy 41% increase in security budgets in 2014, positive collaboration between intelligence agencies, and an increased number of security start-ups, because:
A) They simply can’t afford the time and the cost needed to acquire, validate, deploy and manage the new breed of security tools needed to combat new threats.
B) They can’t find the right breed of Cyber-Security Soldiers (and when they do, many can’t afford to keep them) needed to effectively operate the next generation of security and forensic tools against the new breed of attacks.
First challenge: If IT security organizations were to follow the good old proven Defense-in-Depth strategy, there is simply a massive number of tools that need to be deployed and managed to combat these attacks. IT Security Operations teams must be able to rapidly evaluate, deploy and operationally manage the new set of bleeding-edge technologies in an efficient and cost-effective manner. These tools must keep up not only with the emerging types of threats, but also with rapidly growing network speeds and the amount of data that needs to be captured, analyzed and acted upon.
Second challenge: A more difficult one to solve is that there are just far too few subject matter experts (SMEs) who possess well-rounded experience and the much needed “context”. You need experts who can help look for the next unknown threat or the advanced targeted attack that may already be inside your enterprise. This can be a new breed of DDoS technique, a hidden multi-stage advanced malware technique, or good old SQL injection techniques already targeting your intellectual property and key assets like your customers’ credit card data or personally identifiable information.
The Good News
To help address the first challenge, many enterprises have turned to new complementary technologies like Network Packet Brokers (NPB) or Network Visibility Controllers (NVC), as well as more academic solutions like OpenFlow. These new complementary solutions aim to help IT organizations worldwide speed deployments and optimize security and forensics infrastructure as they design and build the new generation of cyber fortress needed to combat new types of targeted attacks.
Embry-Riddle Aeronautical University in Prescott, Arizona announced the formation of the nation’s first College of Security and Intelligence. This is a way to address “the growing need for highly skilled cyber security, forensics and global security and intelligence experts.”