Video: Data Protection and The Art of Layered Security
The Contemporary Cyber-Threatscape
Your organization is under attack right now.
The range of techniques and battlefronts is bigger than ever and while Cyber Security incidents being in the headlines isn't new, this year has been unprecedented in terms of headlines in the mainstream press.
- The number of new malware samples identified each year exceeds 25 million and this number is increasing by over 20% each year. With phishing attacks on the increase too, how will Anti Virus Systems ever keep pace?
- Hacktivist groups, using cyber-attacks against government and corporate targets are a new phenomenon, looking to cause disruption to any target they see as a cause celebre. Threatened cyber attacks are a common corporate blackmail weapon employed by organised crime, and as such, more companies will be exposed to this type of highly organised attack.
- But the more common issue for any organization is the Insider Threat. What defences do you have against a trusted employee gone rogue. One with the privileges to access business critical systems. This could be a simple malicious revenge attack by a disgruntled ex-employee, or someone duped or coerced into assisting criminal activity.
- And then we have the Advanced Persistent Threat or APT. So far the APT has largely been viewed as Government sponsored cyber-espionage. However the leading edge of technology usually becomes the norm a year later, so expect to see APT techniques reach the mainstream and be exploited by business competitors undertaking industrial-espionage for intellectual property theft.
So despite our defenses being better than ever before, all automated security technologies still suffer with security blind spots. Signature based technologies will always be prone to zero day threats, while phishing attacks will always catch enough suckers. We aren't saying that Anti Virus technology and firewalls are of no use, but it is time to recognise they will never be fully effective against all cyber threats, especially the inside man scenario or the more elaborate APT attack.
File Integrity Monitoring – At The Core of A Layered Security Strategy
The NNT view is that there is an art to delivering effective security. By recognizing there will always be gaps in modern automated security defenses, it becomes clear that there is an essential need for fundamental security measures. File Integrity Monitoring, combined with best practice processes in device hardening and change management, are the only way to maintain truly secure systems.
NNT Change Tracker provides protection against threats by ensuring all security best practise measures are in place at all times. If any weakening of defences is detected, these will be clearly identified, including any changes to system files and significant configuration settings.