Security Threats Straight Ahead!


Let's face it, though the Internet has made it easier to get information and services, it can be a dangerous place to compute. Every day, cyber criminals are unleashing malware, worms and spam, hoping to pry loose critical information for monetary gain.

Last year was plagued by several costly international security incidents, with hacker hotbeds in China, Russia, the U.S. and the U.K. Research firm Ponemon Institute revealed that the average cost per security incident was $6.3 million in 2007, compared to an average per-incident cost of $4.8 million in 2006 -- and this was in the U.S. alone.

These numbers demonstrate that CISOs must put more effort into securing their enterprises in 2008, so the cost per incident doesn't skyrocket yet again. Now that we have a few weeks of the New Year under our belts, here are the trends I see persisting and the areas CISOs should pay the most attention to in 2008.

1. Compliance
SOX, HIPAA, PCI-DSS and HSPD-12. This alphabet soup of compliance regulations is a major pain point for enterprises. In the past few years, increasingly strict deadlines for global compliance laws have forced companies to reevaluate their security practices and take more steps toward improvement. Businesses are already using technology that identifies who accessed what on their systems, and detects and resolves security problems. It's a good start, but there is still much more that needs to be done.

In 2008, businesses can expect the government to become even more involved with compliance and security standards. Therefore, CISOs must be able to demonstrate they are meeting mandated requirements. Specifically, CISOs will be asking, "How can I prove to auditors that I am compliant and how can I simplify the process?" This is the underlying theme for all compliance efforts, and the number of fines will increase if businesses do not find the answer. As such, technology that can automate and validate network activity to meet compliance requirements will be incredibly important.

2. Insider Threats
There were many high-profile security breaches last year, creating great concern about incidents such as phishing and Denial-of-Service (DoS) attacks. While CISOs should continue to invest in technologies that prevent external attacks, for the rest of 2008 they should focus more on threats from internal sources.

Unintentional employee errors and omissions are huge causes of security breaches. As the evolving workforce calls for more collaboration, file-sharing and mobility, employees should be educated on how to avoid putting their companies at risk. Mobile devices such as laptops, PDAs and thumb drives can hold a great deal of information. But because of their size and mobility, these devices, which often contain critical work files and sensitive personal data, can be easily lost or stolen. Therefore, in 2008, CISOs should increase password protection, encryption and personal firewalls on those devices to remediate breaches caused by employee missteps.

Another way internal sources can cause a security breach is when someone attempts to exceed access privileges. Whether the motive is to excel at work or truly malicious, CISOs should have insight into who is accessing what inside the network, and be able to immediately revoke privileges before damage is done. Many vulnerabilities stem from companies giving employees and contractors broader access than they really need to do their jobs, or neglecting to quickly deprovision an account when a user is terminated. There will likely be a renewed focus on analyzing the ways employees are using systems and immediately stopping access when employees go beyond the normal scope for a particular transaction.

3. ID Theft & Privacy Violations
The latest headlines tell us that identity thieves are getting younger and the scams are getting more sophisticated and harder to trace. To combat ID thieves, stronger authentication combined with better validation is a necessity. Authentication methods that depend on more than one factor, such as personal identification numbers or biometrics, can be more reliable and are stronger fraud deterrents. The single-factor authentication process of using a login ID and password will not stop identity thieves. If the only thing between you and your bank account is a username and password, that is cause for concern. Multi-factor authentication will also drive a stronger push toward converging IT security with physical security. Right now, this trend is primarily being implemented in the government sector, but more banks, retailers and healthcare facilities will begin using access cards and tokens to tighten access security and prevent ID theft and fraud.

Combating insider threats, meeting compliance standards and preventing identity theft are not new security challenges, but they persist. Through the rest of 2008, we will see a strong focus on these three areas and businesses will invest in the best combination of technologies to address them.

About the Author

Jim Ebzery is the senior vice president, Identity and Security Management, for Novell. Before joining Novell, he served as president of the Viisage Division of L-1 Identity Solutions, a leading identity management vendor, until the company was acquired by L-1 Identity Solutions. Prior to Viisage, Ebzery spent two years at the Internet Capital Group as vice president of operations. Ebzery began his career in sales at IBM then rose over a 17-year period to sales management, business development and executive roles, serving in his last position as worldwide solutions executive for the IBM supply chain business. Ebzery has a Bachelor of Science degree from Boston College in Computer Science.