Story image

Vendors urge NZ businesses to rebalance & security portfolio

12 Nov 2013

New Zealand businesses need to 'rebalance' their security portfolio to counter the changing threat landscape according to three security focused companies who are pitching a three-pronged – and three vendor – approach.

FireEye, Imperva and Splunk joined forces to present a unified front with the 'Enrich. Defend. Protect.' security roadshows in Auckland and Wellington.

The three vendors have partnered to provide what they claim is 'unparalleled visibility and control over this latest generation of security risks' which 'are specifically designed to evade traditional security controls and infrastructure'.

Rich Costanzo, FireEye ANZ sales engineering manager, notes that FireEye is seeing 'a brand new style of attack every three minutes.

Paul Steen, Imperva principal security architect for South Asia, Pacific and India, says that just like investment portfolios, which are 'rebalanced' regularly according to the financial market, so a customer's security protection should be readjusted as the threat landscape changes.

“If we look at what we were spending on security back in 2001, most companies were spending money on antivirus, firewall and IPS. Now we come to 2013 and what are we spending money on? Antivirus, firewall and IPS,” Steen says. “You can be sure the hackers have got a bit more creative.”

Steen says while controls such as next generation firewalls, antivirus and IPS remain valid for certain attacks, new threats are not addressed by them.

“An Imperva study compared 28 different forms of AV against known malware and the hit rate was less that 25%. While we still need this, maybe we should look at how we're spending our security budgets.”

Steen argued the case for protecting the data centre, or more specifically, the data, rather than relying solely on endpoint and network security.

“There are just too many threat vectors. There are so many ways into an enterprise [for hackers]. Chasing everyone one of those vectors is like chasing mice," he says.

"There might be 100 ways in, but there is always one target: the data, they're always going after the same target, the cheese. So maybe instead of spending all of our cash and all of our time and effect chasing the mice, how about we spend a little effort protecting the cheese?”

“No one is under the illusion anymore that they have kept everyone out. The bad guys are already in. Now it's about protecting the data, protecting where it lives, knowing who is accessing the data, how it is being accessed and where it is going.”

Steen says the combination of FireEye – with its focus on looking for malware activity - and Imperva – with a focus on watching data access including web application, file and database security – 'is about a faster response to these types of activities'.

“When FireEye finds a machine that is infected with some form of malware, Imperva then can automatically quarantine that machine not from the network, but from that sensitive data. From specific tables, columns and rows in your database that contain the sensitive data, from specific file shares that contain that important and sensitive data.

“By combining the two, it's really about speeding up that detection and the mitigation.”

Splunk meanwhile, provides the security intelligence platform to 'make sense' of all the data, says Mohamed Ibrahim, Splunk senior sales engineer.

The platform reads data not just from systems such as antivirus, IPS and firewalls, but standard IT data from getting an IP address from a DHCP server to accessing enterprise applications and company information, which can also indicate abnormal behaviours indicative of unknown threats.

“We see all data as security relevant,” Ibrahim says.

Costanzo says when it come to rebalancing that protfolio – and rolling out the three vendors' offerings to customers – different organisations will find quicker wins in different solutions.

“That's a matter of understanding their security posture, understanding the gaps, understanding the quick wins and which ones you can fill in quickly and most effectively.

“The solutions as a whole are very complementary and it's a different approach to security.”

He says the move to rebalance is 'a theme we're hearing more and more'.

“It's a longer term investment to make that happen because adjusting security spend is a two to three year process. But ultimately, it's about making sure your security customers and clients have a better security posture overall.”

Microsoft Teams’ eight new and upcoming features
After taking Best in Show at Enterprise Connect, Microsoft Teams will be seeing eight new capabilities over 2019.
IDC: NZ's PC market surprise growth will not last
Despite the growth witnessed at the end of 2018, IDC predicts that New Zealand’s traditional PC market in 2019 will decline by -4.4% YoY.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Vector penalised $3.5 million for excessive levels of power outages
''Given the impact electricity outages have on consumers and businesses it is crucial that lines companies have systems in place to identify and manage the risks present in their networks."
Digital spending to hit US$1.2 trillion by 2022
A recent study by Zinnov shows that IoT spend reached US$201 billion in 2018 while outsourcing service providers generated $40 billion in revenue.
Microsoft offers Government free digital skills training
Upwards of 60 workshops will be offered, aimed at giving staff a vital grounding in cloud technologies, artificial intelligence and other skills.
Google certifies Panasonic rugged devices for enterprise
The Toughbook T1 and N1 handhelds meet all requirements for Google’s rugged Android certification.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."