Why big data protection is actually a team sport

15 Mar 2017

For businesses trying to fight the cybersecurity war, increasingly sophisticated security threats like ransomware and attacks on Internet of Things (IoT) devices are tough opponents.

Across the globe, backdoors in IoT systems provide hackers with millions of unprotected gateways into IT infrastructure, while cybercrime syndicates are structuring a value chain for ransomware tools.

Locally, almost a quarter of Australian organisations deal with security breaches that interrupt their business on a monthly basis. DDoS attacks and the Mirai botnet have recently proven how vulnerable connected devices and online properties are to exploits. It’s not only breached businesses that are affected.

Organisations with data held by those businesses are also compromised. For example, the Dyn botnet attack brought down several popular online services including Airbnb, Amazon Web Services and PayPal, all of which store personal and financial customer information.

With this in mind, it’s easy to see how a team mentality is required to combat security threats, especially when it comes to protecting data. The Australian government, security vendors and their customers are three key players.

The Turnbull Government has responded by announcing a plan to create a mandatory data breach notification scheme for business and government organisations, which is set to come into play as early as this year.

Under the new legislation, organisations that realise they have been breached or have lost data must immediately report the incident to the Privacy Commissioner and notify affected customers.

Companies or agencies that fail to do so face penalties of up to $1.8 million. Individuals can be fined up to $360,000.

The Australian Government’s sharpened focus on data protection will put security and privacy breaches in the spotlight like never before.

As Australia transitions to a digital economy, we’re seeing a huge amount of data gathered and stored. Gartner expects there will be 21 billion connected ‘things’ worldwide by 2020.

While this level of connectivity offers plenty of benefits, it poses security risks to users and external organisations, and the cost of security breaches to local organisations is only going to increase.

While many businesses have a security policy in place, they’ve traditionally relied on point security solutions when a multi-vendor environment is required to gain end-to-end threat visibility.

However, data protection and recovery requirements have moved beyond traditional security solutions. Businesses need to streamline security infrastructure and drive threats out of their organisation at every opportunity.

The quicker businesses detect anomalies in their infrastructure, the better. Attacks are often months or years old by the time they are discovered, as many security point solutions only store a few days or weeks’ worth of data.

Findings from the FireEye M-Trends Report 2016 show that the average number of days to detection is 146, and that 53 percent of attacks are detected externally, on average at 320 days. This is why having an analytics platform that can store and retrieve years’ worth of data is critical to ensuring organisations meet the Turnbull Government’s proposed regulations.

As a result, we’re seeing security vendors up their game plan. They’re collaborating with one another, rather than competing on offerings, to help businesses strengthen their security posture. 

ForeScout is a good example. The enterprise security company provides joint customers such as Brown-Forman visibility and control of devices connecting to its network in order to detect threats and execute a response very quickly.   

Unlike traditional, single point approaches, ForeScout is using an adaptive response model which combines alert and threat information from multiple security technologies.

With this collective insight, security teams can make better-informed decisions across the entire kill chain, especially when validating threats and applying analytics-driven responses to their security environment.

For customers, this collaborative approach improves the speed and strength of threat detection and response by connecting intelligence across security domains such as endpoints and networks.

While traditional security products are still essential for the frontline, they’re not designed to work well together out of the box.

An adaptive, connected nerve system enables organisations to analyse and correlate a wide range of data across a multi-vendor environment, helping their security team to work faster and with more agility. 

And as the Turnbull Government takes a step forward in the escalation of data protection, now is the time for local businesses to do the same.

By leveraging the industry’s unified defence against attacks, organisations across public and private sectors have the opportunity to strengthen their security operations, and avoid striking out in the cybersecurity game.

Article by Simon Eid, Area Vice President, Splunk ANZ
