Today, no word strikes greater fear in the heart of a business or IT executive than “cyber–security.” As threats become more common and dangerous—and high-profile breaches emerge as the new normal—there’s a growing recognition that conventional methods and approaches aren’t enough to secure an enterprise.
“In the past, if you had basic protections in place—things like a firewall, antivirus and intrusion detection—you were mostly safe and secure,” states Jeremy Samide, CEO of security advisory and cyber-intelligence firm Stealthcare. “The risks now extend far beyond the perimeter.”
Protecting systems and data in the era of connected networks, systems and devices is daunting, and businesses have become primary targets for malware, ransomware and direct theft. As Samide puts it: “It’s a chaotic and confusing environment. There are multiple threat vectors, increasingly sophisticated and effective attacks, and a general lack of security standards.”
The end result? According to the “2015 Ponemon Institute Cost of Cyber-Crime Study,” average annual losses to companies worldwide now exceed $7.7 million. Meanwhile, enterprise leaders are scrambling to address a growing array of risks, challenges and threats.
Understanding Cyber-Security Trends
Sorting through cyber-security trends and arriving at a set of solutions and cyber-security best practices is challenging. A starting point, says Polo Chau, an assistant professor at the Georgia Institute of Technology, is to understand that handling business and security as usual is no longer adequate.
“Companies have traditionally used a signature-based approach—along with blacklists and whitelists—to detect and manage malware and other threats,” he explains. “Today, traditional systems can’t keep up. There are too many files, too many threats that are constantly changing, and social engineering techniques that can defeat even the best security.”
Emerging cyber-security best practices increasingly revolve around a more comprehensive and holistic framework. It’s now critical to take a proactive and nuanced approach that incorporates multilayered security, cyber-security intelligence, advanced analytics, and user education and training.
“Advanced persistent threats now unfold over long periods of time and involve multiple phases,” Chau says. “This requires a very different cyber-security model.”
Developing a Broad, Effective Security Framework
One organization attempting to establish a broader and more effective framework is Gold Star Mortgage Financial Group, an Ann Arbor, Mich., company that conducts business at 30 branches in 21 states, as well as online. A few years ago, the company found itself overwhelmed by security requirements, including monitoring servers, systems and devices.
“It was time-consuming and expensive to monitor everything and sort through logs on our own,” explains Andrew Bezenah, information technology and information security manager. What’s more, the manual approach increased the odds that a cyber-security vulnerability or threat would fly below the radar and damage the company.
To deal with these challenges, Gold Star Mortgage Financial adopted EIQ Networks’ SOCVue SaaS security intelligence solution. It introduced 24x7x365 cloud-based monitoring to identify possible cyber-attacks, while helping the company adhere to regulatory requirements, including the Gramm-Leach-Bliley Act (GLBA).
The threat intelligence software detects threats and mitigates vulnerabilities in critical IT equipment, including both internal and external internet protocols. Rather than simply responding to an endless series of risks and threats, this approach allows the IT and security staff to work in a more strategic and proactive way, Bezenah points out.
The EIQ Networks system is just one piece—albeit a critical one—of a comprehensive framework of security tools, technologies and solutions, Bezenah says. Although the company continues to rely on a firewall, antivirus protection, intrusion detection and more, the growing complexity of cyber-security requires a more efficient approach. The cloud-based system allows the company to ramp up protection through automated scanning of applications, mail servers and more, as well as providing insights into how to fix a problem.