Express Computer

Home  »  Columns  »  Business IT security in 2016

Business IT security in 2016

ColumnsfeaturesNews
By Srikanth RP
Altaf Halde, Managing Director–South Asia, Kaspersky Lab
Altaf Halde, Managing Director–South Asia, Kaspersky Lab
0 424

2016 is going to be a challenging year in the field of corporate IT Security, both for vendors and customers. The constant evolution of the threat landscape calls for new protection technologies, but at the same time demands businesses to alter their perception of threats and come up with new strategies to detect and respond to attacks. Significant turbulence is expected, and in order to succeed, both vendors and customers have to focus on developing their security intelligence

By Altaf Halde, Managing Director-South Asia, Kaspersky Lab

In 2015, for the first time, we saw a decrease in the overall number of malicious programs detected, suggesting that cybercriminals have needed to apply cost-cutting measures, just like the rest of us. However, this in no way means that the threat levels have decreased. In fact, the overall number of users attacked actually increased by 5% compared to 2014.  Corporations have been targeted with even greater force, and criminals started more actively looking to steal corporate funds, via ransomware, by targeting Point-of-Sale terminals or even compromising entire networks of financial institutions.

Evolution of the threat landscape defines the need for new approaches to business security. But before we delve into the details, let’s observe the reasons behind the change.

Three major trends in corporate IT security
The next targeted attack against your business will not necessarily be sophisticated, but it will still be dangerous. Does it matter if threat actors use a unique zero day or not? Not really. What matters is how fast you can spot a successful breach and how well you react. Based on intelligence about the most recent attacks, our report indicates that the people behind them meticulously plan their steps. They may use a vulnerable point in your corporate perimeter and lure your employee to click a specially crafted malicious link. Therefore, the only solution to reduce the risk of such attacks is to foresee them before they happen, based upon up-to-date threat intelligence.

Ransomware, PoS attacks, and other specialized cyber threats are on the rise
We saw rapid development of ransomware threats in 2015, targeting mostly small and medium business to extort money and put their data at risk. Although enterprises are usually better prepared for such attacks, ransomware is an example of a specific threat exploiting weaknesses in the corporate security strategy and trying to get closer to corporate funds. The next big thing could be attacks on Point-of-Sale terminals, large-scale DDoS attacks and other threats targeting your money or that of your clients and partners, which can put the very existence of your business at risk.

Generic malware is still the main headache of your IT department
According to our statistics, 58% of corporate computers were attacked by malware at least once in 2015. Those who say that traditional anti-malware technologies are preventing traditional attacks are outdated and must think again. If your IT department is busy fighting widespread malware, does it have the resource to detect and protect against a targeted attack? Likewise, before a security vendor starts to develop a solution designed to spot targeted attacks, it has to make sure all traditional attacks are already detected and blocked.

The next big thing for the IT Security industry
The security industry has recognized that customers need more than just security software. Clients would like to know if their IT infrastructure is protected well enough and where the potential vulnerable points are. How can they address the mistakes of their employees? How could they protect their data when it’s being processed and transferred outside of the corporate security perimeter? How should they manage the fundamental flaws in the basic IT technologies they use?

New security solutions are emerging to address these challenges. Last year we have been focusing our attention on security for virtual environments, solutions for data centers, and technology to secure sensitive financial transactions. But a security vendor cannot address all business demands only with software. Even if it’s possible to block a certain highly sophisticated attack, the technology designed to repel it takes a while to develop, with customers demanding protection today. This is, by far, the major challenge that every security company faces today.

The solution is to share intelligence. It is time to speed up the transformation of this knowledge into real protection for corporate customers. What they demand from us is a combination of tools and actionable expertise to help protect them from all kinds of cyber threats. Some aspects of the threat landscape can only be addressed by intelligence sharing and offering security consultancy in the form of a service. Some threats require new technology, and the majority of attacks can still be repelled with existing methods.

Thus, it’s not only a matter of delivering a new security solution anymore. It’s the combination of solutions, expertise and services that makes a business truly protected from the full spectrum of cyber threats. The question is – who will present the right mix of these ingredients to the market? Will corporate customers be ready to accept it? When Apple introduced its first iPhone in 2007, it did not invent something radically new. Instead the company took all of the latest technologies and mixed them in one brilliant device that reshaped the entire smartphone industry.

In 2016, the IT Security industry will face the same challenge of packaging existing and new technologies and expertise into something new. There will be winners and, inevitably losers, but in the end the entire industry, as well as corporate customers, will find themselves in a better protected environment.

Get real time updates directly on you device, subscribe now.

Srikanth RP

Srikanth is an award winning journalist with more than 16 years of experience. In 2010 and 2013, Srikanth received the Polestar award for Excellence in IT Journalism, from the PoleStar Foundation, an independent trust established in 1998 to recognize Excellence in Business and IT Journalism.

In the past, Srikanth has led the editorial operations for InformationWeek (UBM) and Dataquest (CyberMedia). Srikanth has also been associated with Patni Computer Systems and Capgemini India, in marketing and communications roles. He can be reached at [email protected]

You might also like More from author
Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 
Powered by Convert Plus
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image