Recent research has found that the number of internet users worldwide will surpass 3 billion in 2015, covering over 6 per cent more of the world’s entire population than in 2014 to reach 42 per cent, according to eMarketer.
While the Internet was once generally restricted to the ‘top 20’ countries, this is no longer the case, as connectivity and technology become growing focus areas for many countries globally and the number of internet adopters increases at rapid speed. There is no denying the fact that the digital age is now a global phenomenon, bringing a wealth of opportunity across the world. However, there is also cause for concern.
Since the first PC virus in the 1980s, the threat and potential damage to businesses from cyber-attacks has sky-rocketed, as cyber criminals and their methods grow in sophistication. The volume of threats and attacks that have compromised data belonging to individuals and organisations has increased year-on-year.
The Cisco Annual Security report for 2015 explains that cybercrime is flourishing around the world, particularly in areas of weak governance such as Eastern Europe, for example. While attacks become increasingly sophisticated and attackers begin to move faster, defenses have to keep pace.
A recent Symantec report suggests that as vulnerabilities come to the surface, cyber-attackers are reacting within hours to exploit it and cause potential havoc to businesses at a faster rate than vendors are able to create and roll out patches. Such threats are causing heightening concern within businesses around the world, and showing no sign of slowing down.
It is time for enterprises to rethink their approach to cyber-security, to deal with the threats that are disrupting the day-to-day digital operations and cause downtime. According to the Washington D.C. policy think tank, Center for Strategic and International Studies (CSIS), if the impact of downtime was measured in terms of a dollar value, 24 hours of downtime from a major attack could cost US $6-million per day.
So, how do you know who the right security provider for you is? When making a decision, it’s vital that service providers offer three key areas of protection. You should consider the following points:
- Protection against Distributed Denial of Service (DDoS) attacks is absolutely vital. The only way to mitigate this threat is to have the right network fabric, so an organisation can weaken the malicious party’s distributed hubs.
- Advanced Persistent Threats (APTs) are also becoming more common place and here, traditional signature-based detection techniques cannot cope with zero-day attacks and targeted malware exploits. With APTs, older techniques such as signature-sandboxing have been rendered ineffective given that these targeted threats use multiple attack vectors on the target over a period of time.
- Counteracting APTs requires that a global Tier-1 network provider mitigate the risk through global threat intelligence and large attack aggregation points that serve as an early detection system. Malicious traffic is also a real problem in today’s digital world because if this type of traffic penetrates an organisation’s infrastructure, the company could suffer data loss, a loss of productivity or worse.
While this may strike some companies as overkill, it’s crucial that decision-makers truly consider the range of threats and the highly adaptive nature of cyber-crime, regardless of the likelihood that they associate with an attack and their business. Since 2011, the largest data breaches have been at multi-national organisations such as eBay, JPMorgan and Sony PlayStation, all of which no doubt have teams dedicated to ensuring the security of the business. But that is no longer enough, and the risk and cost associated with an attack must be a consideration throughout the organisation.
Therefore, cyber security is key topic for the boardroom, not just the IT department. CIOs and CEOs need to adopt a holistic approach to security as any form of information breach can be disastrous. The increasing dependence on cloud, Bring Your Own Device (BYOD), mobile and social media in the workplace poses further security considerations. Working with a security provider that covers all the bases is absolutely vital.