A recent study* suggesting that 41% of organisations are planning to increase their IT security budget by 16% in 2014 will of course come as welcome news to those who operate within the industry. Two-thirds of organisations revealed that they were concerned about security issues after seeing a flurry of news reports showing how security systems can be breached and private data infiltrated – and quite rightly so. With cyber-attacks becoming ever more sophisticated, it is extremely important to ensure that your IT security is more advanced than the threats against your organisation.
And this is the critical point. Whether due to complacency or naivety, too many organisations have failed to adapt security processes and procedures to reflect the changing threat landscape where the Advanced Persistent Threat (APT) is targeted, designed to steal valuable data – and leave no trace.
Organisations therefore need a completely infallible way of detecting the presence of malware if and when it does manage to bypass the perimeter. The back stop to traditional defences ideally needs to be a real time alert triggered by any change to file structure that might indicate compromise or the beginning of the slow move towards the central core of the business.
In the mature threat landscape, File Integrity Monitoring (FIM) must be considered. FIM is proven to radically reduce the risk of security breaches; it raises an alert related to any change in underlying, core file systems – whether that has been achieved by an inside man or an unwittingly phished employee introducing malware, or some other zero day threat blasting unrecognised past the Anti-Virus defences. Flagging up changes in this way ensures there is no chance of an APT gaining hold; no risk of the stealth attack that gets in and out leaving no trace – there is a trace and the business is immediately notified.
The fact is that every corporation is at risk at all times; 2014 is the year when IT security must get serious. New, advanced defences and detection mechanisms must be implemented to match the sophistication of the cyber threat.
Mark Kedgley, CTO, New Net Technologies, www.newnettechnologies.com
*
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.