You have been hacked! Those are four words that no organisation wants to hear – ever. The reality is that all organisations are vulnerable to cyber criminals activities.
That’s a mind blowing figure. In this article, I share some thoughts as to why the current mechanisms of fighting back against cyber attacks are not working. And how a fully integrated cyber defence infrastructure is what is needed to fight back against the growing number of cyber attacks. Read on.
There are many reasons why cyber criminals appear to be winning the fight and reaping the rewards. For one, it is clear that cybercrime pays and most of those criminal organisations now run like legitimate businesses with organised operations, strategies, support, and profits reinvested into research and development efforts.
“Much of the money is reinvested in new criminal ventures. Criminals put about 20% of their revenues into additional crime, indicating up to $300B is used to drive illegal activity.” ~ Kelly Sheridan, Dark Reading
Those criminal organisations are not much different to security software vendors that are continuously looking for issues and provide updates to patch vulnerabilities and security flaws. It’s an always on race.
Lack Of A Fully Integrated Security Ecosystem
Cybersecurity Ventures listed 500 of the world’s hottest and most innovative cybersecurity companies to watch in 2017. From Adaptive Security Platforms, Email Security products, to Anti-Virus & Malware Protection, the list is huge. Which one should you use and for what purpose? Will your chosen product integrate well with other security vendors? How do those products compare? There are a lot of considerations that each organisation have to take into account. From the total cost of ownership of the product, ease of use, quality of service, support, etc. In any case, 500 security vendors is a huge menu to select from.
Network & Security Managers have the challenging task of assessing multiple vendors and selecting the product and services that match their organisation’s needs. Not an easy task in a very crowded and noisy cyber security market place. Security analysts have been predicting for a while that the entire cyber security industry is ripe for consolidation. The same thing happened in other sectors like manufacturing, systems management, enterprise applications, and telecommunications. So it makes sense that the cyber security industry will go through the same process.
More Integration, More Consolidation, Less Security Vendors
What is needed is for more security vendors to work together for better integrated solutions and services in order to fight back cyber attacks and cyber crime more effectively. The time for single point solutions is coming to an end. Cyber criminals are coordinating, sharing tools, and intelligence to run effective campaigns and are increasingly reaping huge rewards. This is validated by the relentless and growing number of successful cyber attacks reported in the media on a regular basis.
Humans & Machines Working Together As One
Fundamentally software will continue to have vulnerabilities that can be exploited by malicious attackers for their own gains. As software developers get more adept at secure coding, it is expected that vulnerabilities will steadily diminish but cannot be avoided altogether. Machines are very good at boring and repetitive tasks but lack context and insights. Humans are very good at contextualising and finding solutions in creative ways but lack the repetitive stamina to conduct boring tasks consistently. As machines carry more and more automated security analysis to look for vulnerabilities in various systems, both humans and machines must work together.
Fully Integrated & Coordinated Cyber Defence Infrastructure
Organisations will need to find better ways to integrate their entire cyber security infrastructure and ecosystem in order to respond better and faster to cyber attacks. Like criminal organisations, companies that are serious about cyber security will have to use a defence-in-depth strategies that include a fully integrated security infrastructure that is working as one effective defence system. They should combine traditional network defence mechanisms such as firewalls, intrusion detection systems, endpoint protection, web application firewalls, etc. with external threat intelligence methods, and adaptive threats response, in order to stay one step ahead of cyber criminals.
The cyber security industry is ripe for consolidation. Too many security vendors. Too many products. What is required is a fully integrated approach to cyber security, where humans and machines work as one, in an self-automated and coordinated manner in order to fight back effectively against the relentless and ever growing cyber threats.
At iCyber-Security, we have developed the iCyber-Shield Enterprise Cyber Defence Platform that allows you to manage, automate, respond, and orchestrate your entire cyber security infrastructure from a single command and control interface, ensuring that ALL your business critical digital assets are secure and always available – 24/7!
About The Author
Marco Essomba is a Certified Application Delivery Networking and Cyber Security Expert with an industry leading reputation. He is the founder and CTO of iCyber-Security Group, a leading edge UK based cyber security firm providing complete and cost effective digital protection solutions to SMEs. iCyber-Security’s Cyber Defence Platform (iCyber-Shield) gives total visibility & control over your entire security infrastructure in order to detect and respond faster to cyber threats. The product is listed on the London Digital Security Centre MarketPlace.
Other Articles By Marco Essomba
- Internet of Things (IoT) — Is Your Business Ready?
- Single Password Authentication should be banned. Here are 5 reasons why.
- Dilemma: Cyber Security vs. Convenience vs. Usability. I Just Can’t Uninstall WhatsApp. Here is Why.
- Banking-As-A-Service (BaaS) Will Disrupt Banking Whether Bankers Like It Or Not.
- Protecting your network infrastructure and apps against DDoS attacks: Here is how.
- Protect E-Commerce Apps Against Cyber Fraud.
- 7 Proven CyberSecurity Tips For Effectively Fighting Sophisticated DDoS Attacks.
- 7 reasons why organisations get hacked.
- What’s the Point of a CISO?
- 7 Lessons I Learned From Investigating A Major Cyber Security Breach.
- The word hacker has been hacked by the media — ‘hackers’ used to be heroes.
- The Rise of SecOpsDevOps.
- Cost to global businesses to cyber crime will reach $2 trillion by 2019! Fight back with best of breed.
- 7 Reasons Why Network Engineers Must Master At Least One Application Delivery Controller (ADC).
- Part 1: General Fights Back Cybercrime in NeverHackLand.
- Part 2: General Fights Back Cybercrime in NeverHackLand.
- 7 Awesome Skills That Will Make You Stand Out As A Network Security Engineer.
- Are you preparing for your Cyber Essentials Certification? Here are 7 tips to help you pass the certification at the first attempt!