Express Computer
Home  »  Editorials  »  When Threats Persist

When Threats Persist

0 33

Sanjay Gupta

The time may just be ripe for a change in thinking when it comes to putting together an enterprise security mechanism

 

The information security industry is notorious for creating false alarms and publishing out-of-proportion reports on extent and cost of risk.

All the same, a lot of enterprises are equally notorious for being penny-wise and pound-foolish or overlooking important aspects when it comes to deploying security solutions.

In between are today’s mobile, screen-hopping users who like to be in control and yet scoff at the idea of employers or regulators requiring them to stick by policies or take strict measures to protect data.

As we have seen from multiple security breaches across the globe, not all alarms are false. Also, users and enterprises behave differently in response to incidents.

The struggle to provide complete security to users and enterprises continues unabated, with a complex mesh of tools, including anti-virus, firewall, counter-intrusion, encryption and what have you.

However, the time may just be ripe for a change in thinking when it comes to putting together an enterprise security mechanism. From doing things the traditional way to a more cohesive and comprehensive approach. And from taking a reactive and siloed stance to doing a proactive, thorough analysis of the needs of a particular enterprise.

That is because, of late, a new kind of beast is rearing its head worldwide: advanced persistent threat. APTs, as the attacks are ‘acronymly’ known, have wreaked serious havoc over the past half decade or so—at large organizations, sensitive government bodies, the poster boys of Web such as Google, and even the providers of security itself (RSA, Symantec, among others).

The new threats use a combination of tactics and tools to make highly targeted attacks. Of particular note are the use of zero-day vulnerabilities and social engineering employed to gain and maintain access to the targeted network—and escape detection for months on end. In most high-flying cases that have been reported, the breaches were discovered after the intended damage was done.

This seems to have upended the security industry, as enterprises are in a bind as to how much and what security measures can they really take to tackle targeted attacks.

In India, APTs are still relatively new but the recent DRDO attacks have put a spotlight on them. Will the banks and telcos (likely targets in addition to government agencies) be next? Are they prepared to deal with APTs with what they have or would they need specialist solution layers to pile on top of their existing jumbles?

Maybe they don’t need to wait for a real serious attack to occur in order to find out the answers.

– Sanjay Gupta
Editor, Express Computer

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image