By Bryan Hamman
If you are well prepared with your security systems – deployed in a holistic manner – you can prevent generic threats from getting into your environment. With the right tools, processes and people, you can detect and contain more advanced threats before they have an impact – but it all depends on preparation.
It should be noted that users are both a strength and a weakness. On the one hand, attackers are successfully using spear-phishing and watering-hole attacks to gain footholds within our networks – people are fallible. But, on the other hand, people are also very good at identifying suspicious or unusual behaviour.
Education and enablement are key. If our users are sufficiently educated as to the threats we face then we can minimise our risk, whilst at the same time we should enable them to raise concerns to the security team so that they can be quickly investigated. Also, data classification, appropriate network segmentation and authentication are critical. We need to put appropriate controls in place so that the people who represent risk are covered.
Personal user devices do represent a challenge, but this is manageable. As with everything in security, it comes back to preparation. We need clear policies on what personal devices can be used for, what data is stored on them and so on. We also need monitoring capabilities, or other access limiting technologies, to ensure that these policies are adhered to. The use of personal devices has spurred some businesses to put proper data classification and access restrictions in place, which is a good thing generally.
All businesses should assess their strengths and weaknesses from a security perspective. Even large, well-resourced organisations have gaps in their capability, and these need to be filled by external organisations offering services. In this context, the most important thing about using external partners for security is that services and technologies are selected that allows the right level of visibility to an organisation.
Large enterprises may want a lot of visibility of what is going on, smaller enterprises may not have the capability to interpret huge volumes of detailed data. The underlying service capabilities may be similar, but the presentation and packaging to the organisation have to be at the right level if they are going to derive the value they are looking for.
DDoS attacks are projected to escalate around the globe, so making sure that your organisation is adequately prepared against a DDoS attack is critical. From the perspective of the biggest cyber threat challenges that South Africa is facing, we are no different from any other country with Internet connectivity. The threats range from DDoS attacks that threaten availability of digital services and applications, to ransomware and more sophisticated advanced threats that target critical business and customer information.
The recently-announced partnership between Arbor Networks and parent company NETSCOUT of the integration between NETSCOUT’s next-generation, real-time information platform, ISNG, and the network threat analysis solution, Arbor Networks Spectrum, showcases the offering of a unique, intelligent solution in the fight against the advanced threat market. Using a common, shared data source promotes smooth collaboration between the network and security teams. This solution brings NETSCOUT’s patented smart data technology to advanced threat detection, delivering pervasive visibility for the entire enterprise. The result is faster detection time and investigation of advanced threats.
Arbor has been active in South Africa for many years and has experienced tremendous growth across the continent in recent years. We have been forging partnerships in leading African economies in a systematic approach, to ensure we can satisfy, support and fulfil the demand we create in these areas.
Bryan Hamman is Arbor Networks Territory Manager for Sub-Saharan Africa.