The Data Centre as a Time Machine

Written by

Since 2012, the World Economic Forum has noted cybercrime as one of the most prevalent themes on the global agenda. Its Global Risks Report demonstrated how cyber-attacks are expected to feature highly as an issue across the globe for the next 10 years.

It certainly feels like we’ve hit the perfect cybersecurity storm. Defenders are still struggling to keep pace with the cyber-criminals who are gaining alarming pace, aided by the freedom in both space and time to operate. Tackling this is one of our nation’s highest priorities; however the problem is a global one.

Advances in technology have the potential to alter the way we live, work and relate to one another in unimaginable ways. While the future is in reach, caution is growing. To realize the benefits we need to solve the security risks and it is clear that in the UK we still have some way to go.

Cisco’s recent Annual Cybersecurity Report highlights the need for advances in IT infrastructure to be balanced with security maturity, to ensure we’re not opening the doors wider to threats. Those countries with the most advanced infrastructure are potentially most at risk. Our report found the UK to be at the bottom of the list, with an imbalance in the maturity of security and the strength of our infrastructure.

Our dynamic and growing, yet diverse digital economy is one that we should be proud of. Digital businesses are growing at pace and are a huge potential driver of growth for our economy. Yet to realize the potential impact of digitization, we need to help businesses get to grips with the reality of the cybersecurity threat landscape we now find ourselves in.

Today, the average large enterprise will experience 70,000 security events per week. Each one needs to be manually checked to make sure it is genuine. Many are classed as ‘false positives’, identified abnormalities that are flagged but once investigated are considered unlikely to constitute real threats. This process of monitoring is expensive and results in an average of $1.3m per annum in lost time.

The danger here is that there is always the potential for a number of the previously classified ‘false positives’ to remain dormant, unchecked and yet ripe for the picking for cyber-criminals looking for an easy way in further down the line.

Attackers are not only creating new, malicious ways of accessing precious data, they are targeting access points that are left unprotected and are continuing to use well-known attack methods, some exercised as far back as 2010 such as email spam, to target their victims.

Worryingly, cyber-criminals are no longer working in isolation. Organized cybercrime is increasing and these gangs are using sophisticated techniques to trick businesses and attack them from all sides. This puts increasing pressure on businesses already facing the challenge of evolving their business to stay competitive.

Businesses need to regain control. The good news is that advances in technology are helping the fight against cyber-criminals. From networks that can work as sensors and deliver intelligence back to the business, to next-generation data centres that enable visibility at a level that’s never been achieved before. The latest technology is helping to streamline the fight against the cyber-criminals, and allows businesses to digitally evolve whilst also shoring up their cyber defenses.

One of the ways that technology is doing just that is by supporting the human fight and predicting security threats by monitoring for changes in known patterns in data center traffic.

Cisco Tetration Analytics, which provides real-time analytics and forensics into all events that take place in the data center, collects data at one million events per second and stores them for up to a year. This not only provides organizations with an ample time period to fully capture and analyze results, it helps to identify patterns or anomalies in behavior. The advanced analytics deliver critical information to businesses to help them make smart actionable decisions, in real time and when it matters the most.

This contextual information can help businesses detect security vulnerabilities before it is too late. It helps organizations make decisions based on clear information from the past which can help to inform the future. Once threats have been identified, they can be traced back so that lessons can be learnt for the future, and the attack surface reduced.

In a thriving digital economy, keeping pace with the level of threats will always be a challenge, but by innovating at the same pace as the cyber-criminals, and by taking note of lessons learnt in the past to inform the future, we will be one step closer in regaining control of the cyber-storm.

What’s hot on Infosecurity Magazine?