Comment: Cybersecurity requires a multi-layered approach

Mather says vendors are tasked with helping organizations design and implement multi-layered security programs
Mather says vendors are tasked with helping organizations design and implement multi-layered security programs

On April 5, 2011, Global Industry Analysts, Inc. released a report on the cyber security market and its expected growth over the coming years. The stated impact on society is a staggering $1 trillion in losses, and the vendor landscape is expected to reach $80.2 billion by 2017. These numbers and the findings of the research are a great reminder that the internet is a prime target for malicious behavior, and as social networks and mobile platforms become the norm, end users and their data are at greater risk of attack.

The internet has become a primary conduit for cyber attack activities, with hackers channeling threats through social-engineering attacks and even using legitimate websites, meaning that more people are at greater risk than ever before. Financial fraud, phishing, malware, man-in-the-middle, man-in-the-browser and man-in-the-mobile attacks continually result in huge losses for consumers and companies alike. This has prompted the cybersecurity technology market to flourish and make significant strides in revenue. However, it’s important not to lose sight of the fact that the end goal is to protect as many end users as possible.

The criminals target end users to make money, and as cyber security providers, we need to protect consumers and companies from these targeted attacks. To successfully thwart attacks, a multi-layered approach to security is best.

Prevention

Being proactive is essential when it comes to cyber security. Make sure your developers write secure code for your websites, educate customers on security best practices and provide tools to protect their web sessions such as anti-virus, anti-malware, encryption, auto log off, etc. By securing the environment as much as possible, you can significantly reduce the risk of attack.

Cyber criminals often target the weakest systems as this will give them the best return on investment – yes, they are a business too. The more work you do to protect your website and your customers, the less attractive you become as a target.

Detection

The ability to detect new threats as they emerge is invaluable. Criminals work quickly and efficiently. To minimize losses and brand impact, it is important to detect known threats as soon as they occur on a website.

Unfortunately, most organizations still operate very reactively when it comes to cyber attacks – they rely on their customers to report an incident before they are aware of it themselves. This is a problem that needs to be rectified across the industry, and real-time monitoring of all clicks across a website is the best place to start. The use of web session intelligence gives organizations a 360-degree view of all behavior on a website, and administrators and security professionals can then immediately identify abnormal/malicious activity as it occurs.

Response

Before an attack hits, it is important to put processes in place to address threats when they emerge. First you must ensure you have an incident response plan. Develop a series of plans that kick off a series of events to stop the criminal mid-stream and minimize the impact of an attack.

Next, identify your key stakeholders. For each type of event that could occur, security teams need to have an identified leader and a short list of people that can help respond to the threat. You should also make sure to identify those who need to be contacted from a business perspective and can work with other teams to address company-wide issues, either publicly or with customers/partners if needed.

Lastly, make sure to devise a communications plan in case of an attack. Organizations must have a plan in place to identify how they will communicate publicly about any attack or event that occurs. This is imperative, as news of breaches leaks quickly, and customers and partners need to be notified of any possible threat to their data/information before learning about it through the media. Most of the complaints we hear about the different types of breaches center on the lack of communication around the attack.

Addressing Evolving Threats with a Long-Term Vision

As we have all seen, online threats are real, and they are growing. New threats emerge daily and so often I see organizations ignore new attacks and pretend they don’t exist, so as to avoid implementing additional processes and security measures.

All departments are stretched, particularly in IT and security, so this attitude is believable, though not understandable. By approaching your cybersecurity program with a long-term vision, you can begin to see that addressing new threats now will reduce risk in the future and prevent you from dealing with potential attacks over time. This is essential to protect your business and its continued growth and success, while improving the efficiency of your resources.

Industry vendors are tasked with helping organizations design and implement multi-layered security programs. It is our job to work together to address new and existing threats and truly accomplish our common goal of staying a step ahead of the sophisticated online criminals threatening security today.


Laura Mather, PhD, is a founder and vice president of product marketing at Silver Tail Systems. A worldwide expert in combating internet fraud, she is also the managing director of operational policy for the Anti-Phishing Working Group, where she drives internet policy to fight electronic crimes of phishing, pharming and spoofing. Prior to co-founding Silver Tail Systems, Mather spent time in fraud prevention and anti-phishing at eBay, was a director of research and analysis for the online division of Encyclopedia Britannica, and a research analyst for the National Security Agency (NSA). Mather holds a PhD in computer science and a BS in applied mathematics, both from the University of Colorado.

What’s Hot on Infosecurity Magazine?