Businesses are being confronted by a new breed of profit-hungry cyber criminals, focused on accessing confidential data and intellectual property for financial gain. Cybercrime is no longer an issue of showmanship, perpetrated by hackers keen to disrupt IT systems. It has become a serious business and today's cybercriminals have become exceedingly efficient in their plans to access and exploit business critical information.
More feared than terrorism
The recent Hydraq attacks highlight the targeted nature of today's threats, designed specifically to steal confidential information. According to a recent report into worldwide cybercrime trends, 60 percent of identities exposed in 2009 were compromised by hacking attacks. In addition, according to a broad study of large organisations, 90 per cent of Australian and New Zealand enterprises have fallen victim to cyber attacks in the last year.
Enterprises are very aware of the risks of cybercrime with 43 percent of Australian and New Zealand (ANZ) organisations rating it as their top business concern. This threat was ranked higher than natural disasters, terrorism and traditional crime combined.
Protecting business critical information from cybercriminals is complicated due to a number of factors. Firstly, the pace of information growth is accelerating, IT infrastructures are expanding and new computing platforms are being adopted. At the same time, the workforce is becoming more mobile. Employees are accessing and sharing company information at home and on the road, leaving companies more vulnerable to the risk of data loss. It is clear that, in this environment, security professionals have more to manage than ever before.
A three-point plan
To protect themselves effectively, businesses now require a focus on security continuity that allows them to continuously respond to internal and external changes.
First, businesses need to take a risk-based and policy-driven approach to security. Information growth continues to expand exponentially. It would be too costly and inefficient to try and secure everything, so businesses should focus on their critical data and assets only. Today's attacks by cybercriminals and insiders alike often take advantage of weak IT policies that expose information. Companies need more comprehensive and effective policies to control who and what has access to information and infrastructure.
Second, companies should take an information-centric approach to security. Businesses need to know where their important information assets are and who has access to them. And if a company doesn't have a good handle on where their important information is, then they are at risk. It's not only important, however, to know where your information is. You must also make sure that the right things happen as that information flows both within the company, and to and from the company.
Finally, companies need to operationalise their infrastructure management through standardisation, workflow and automation. A well-managed infrastructure will ultimately result in a better-protected infrastructure and a safer online working environment.
Protecting key vulnerabilities
Research has shown that cybercriminals are targeting four key areas of weakness that are putting business environments at risk: poorly-enforced IT policies, poorly-protected information, poorly-managed systems, and poorly-protected infrastructure.
So how can businesses manage the four key areas of weakness and focus on protection that matters? The following tips provide a good starting point.
- Develop and enforce IT policies, and automate risk management and compliance processes.By prioritising risks and defining policies that span across every location, businesses can enforce policies through built-in automation and workflow, and not only identify threats but remediate incidents as they occur or anticipate them before they even happen.
- Protect information proactively by taking an information-centric approach to protect both information and interactions. It's not enough to know where the information resides - you need to know how it moves and who has access to it so you can protect it. Taking a content-aware approach to protecting your information is key in knowing where your sensitive information resides, who has access, and how it is coming in or leaving your company.
- Manage systems efficiently. Systems management needs to make an organisation's life easier through standardisation, workflow and automation. These are things that can be put in place to make security software do the heavy-lifting on everything from patch management to regulatory audits.
- Protect the infrastructure and respond to threats rapidly.Companies need visibility into their systems so they can manage them properly and ultimately protect against emerging threats.
As the latest report into worldwide cybercrime trends amply demonstrates, the threat landscape continued to evolve in 2009, with significant growth in both the volume and sophistication of cyber crime attacks targeted at enterprises. The good news is that targeted attacks can be defeated. By taking precautions against the four areas of weakness, organisations can significantly bolster their defences against targeted attacks and defeat the new face of cybercrime.
Brad Newton is the director of enterprise sales at Symantec Australia and New Zealand