Friday, March 28, 2014

Analysis of 3 billion attacks - No surprising results, companies are a big part of the problem

The results state that companies' failure to implement many basic processes and procedures is a major contributor to the problem.

Look at the solutions: not one of them is groundbreaking. All of them are common-sense solutions. They all need long-term planning, patience and realistic metrics to measure their success.

It is not easy, but it is not impossible. When the stakes are high, what are our choices?


According to the article:

NTT has pooled the resources of its group companies and produced a threat report based on an analysis of 3 billion attacks.

NTT makes four primary proposals. 

Companies should still protect their perimeter, even though that perimeter is continuing to change and shrink. The primary tool here is still up-to-date anti-virus. Although this would seem to be a given, NTT notes that "43% of incident response engagements were the result of malware against a particular end point," and that significant factors "were missing basic controls, such as anti-virus, anti-malware and effective lifecycle management."

Patch management needs to be improved. While accepting that this is not easy, and that "timely installation of every patch on every system is often impractical," the report stresses that companies must be aware of the issues "and need to ensure they are prioritizing countermeasures against these exploits."

Business needs to define and test incident response. "Too many organizations have untested, immature or non-existent incident response programs. This makes them unprepared for the inevitable attack." Appropriate incident response, it says, "is critical to minimize the impact of security breaches."

Business must learn to be as fast in exploiting new defense technologies as criminals are in exploiting new attack vectors. "The speed of exploit weaponization is increasing," says NTT, "and may surpass an organization’s ability to respond quickly and effectively (if it has not already)." New technologies include capabilities such as application isolation techniques, micro VMs, sandboxing and machine learning.


The link below has more information:

