ChannelLife New Zealand logo
Story image

Users want proactive not reactive security solutions

Throughout 2014 there were an increasing number of high profile cyber security threats and breaches. Response is the difference between success and failure, says Mark Shaw, Symantec Technology Strategist.

New Zealand and Australian private organisations require access to security services that will bring in more threat protection and have a specific focus, ultimately securing against breaches, says Shaw.

Furthermore, closer industry partnerships and collaborations across the industry will strengthen cyber security, he says.

For instance telecommunication providers and governments can work together, focusing on their area of expertise, to provide better protection on a wider scale, and vendors can share intelligence to provide customers with greater defence against threats.

Symantec believes open source platforms will encourage greater industry coordination, collaboration and response, which will help to address the current security vulnerabilities.

Mobile apps have been a security vulnerability and this year will be an opportunity to raise awareness about cyber security, according to Symantec.

Norton research shows millennials think they’re aware of what they’re allowing access to but in reality unknowingly trade information for apps. In 2015 and beyond, Symantec expect providers to drive consumer awareness by making online privacy and data security core to their offerings.

As more data moves to the cloud, businesses will be looking at data governance and ensure their data is cleaned before it’s hosted in the cloud. Symantec says legacy data that is left unmanaged will continue to accumulate and present a persistent challenge for businesses.

For consumers in 2015 a huge amount of personal information will be hosted remotely, leading to debates around the right to access, control and protect private data in the cloud.

Ransomcrypt, otherwise known as Cryptolocker, is a threat designed to encrypt a user’s files and request a ransom for the files to be unencrypted.  

Using advanced methods and systems Cryptolocker has become more targeted. For instance it now leverages online and electronic payment systems such as Bitcoins, Webmoney and Ukash, ensuring criminals remain anonymous and have a convenient way to receive payments.

This puts businesses and consumers at greater risk and increases the need for a fast response and detection, says Shaw. Cyber-resilience is more important now than ever before, he says.

Big data and machine learning will be a game changer in the fight against cybercrime, improving detection rates and potentially reversing the trend of cyber crime, says Symantec.

A breach is inevitable, but machine learning will help people stay proactive against threats, says Shaw.

It will be increasingly critical for security vendors to stay one step ahead of cyber criminals instead of reacting to them, says Symantec.

In order to protect an organisation’s critical information assets, security vendors will also have to establish context and create adaptive controls so they can successfully identify threats.

Symantec says they are building technologies that can detect anomalous behaviour, which involves understanding and baselining a user’s or system’s ‘digital DNA’. Once a baseline can be established, any significant delta or deviation would raise a flag for further investigation, says Symantec.

The company says another game changer is delivery technologies such as intelligent, risk-based authentication to force step up authentication only when an abnormal login sequence takes place.

According to Symantec, security vendors and providers are facing increasing challenges on ways to balance the need for convenience against complexity, while providing users with a seamless experience.

Multi-factor authentication techniques may be possible solutions, but protecting valuable information is dependant on users’ behaviour.

Other key trends noted by Symantec include: distributed denial of service will continue to rise as a threat, encryption technology will grow, the use of personal VPNs will increase, mobile devices and mobile payments will be more attractive targets, and attacks on the Internet of Things will focus on smart home automation.