What are you doing to proactively protect your organization from the next-generation of IT security threats?
By Eric Blaier
Chances are, if you’re an IT professional working in the security field or a network administrator, you’ve noticed a significant reduction in the amount of e-mail spam that your network is receiving from a year ago. Symantec reported that spam dropped 47% from the period of August 2010 through December 2010 *(Source: Symantec-Eric Park Blog). That’s the good news.
The bad news-it’s not as if the spammers simply vanished or went into legitimate business. They have, in fact, gotten more enterprising and malicious. Rather than using email as a way to distribute extremely unwelcome content, they have found key areas in cyberspace that we utilize daily in our personal and professional lives. This article will examine those methods from a high-level view and discuss how it affects the typical enterprise, as well as some base solutions.
Some of the primary reasons why companies are focused on next-generation security include:
1. They experienced a breach and need to prevent it from reoccurring.
2. They have regulatory compliance and reporting requirements.
3. It is driven by customer demand.
Some of the questions that CIOs, Heads of Audit and Compliance, CISO’s, and Directors of IT need to consider are:
What is the cost of your network being down for a short duration?
What is the cost of your critical applications being lost or down in terms of productivity, serviceability and brand perception?
What would be the financial impact to your organization if customer information was lost or you lost critical information to a competitor?
If the heads of IT aren’t doing this in the current environment, they are playing a dangerous game until they are the victim of a breach.
Most companies that I talk to have a large network deployed nationwide, with some degree of edge protection. Typically, this involves a firewall, which was fantastic in the old Web 1.0 environment. However, the reality is that we simply are not operating in that environment anymore. The workplace is now not only seeing social media traffic (Facebook, Linked In, Twitter, etc…) but also adopting it as a business tool. This has opened up the floodgates for the targeted attacks that the former spammers are now sending. The use of social media in the marketplace continues to grow, so how do you deal with it?
One way is to eliminate it all together. If you do not see the value of social media, you can use a Web Filtering Device and decide which sites and/or content categories to block and that should solve your problem. However, that’s not the case for most businesses today.
So we’ve established that social media is part of and growing in the workplace. You have a Firewall protecting the network and that’s not enough? It’s actually not. The prominence of zero-day attacks, SQL injections and bot attacks on the network are increasing at an alarming rate. McAfee has stated in reports that they have identified an average of over 4 million new executable or malicious codes that are discovered DAILY!
There are new augmentations to your existing infrastructure, such as Data Loss Prevention and Intrusion Protection. Intrusion Protection provides the additional security to handle the zero-day attack threat and keep bad intentions from entering your network. Data Loss Prevention is actually the fastest-growing segment of the web security marketplace, and it entails keeping critical data from being lost or stolen from the network by establishing automated process and mapping the critical data. This is another topic that I’ll cover at a later date in another article.
Another method that is being exploited at a frighteningly explosive rate is that of web application targeting. Websites that host third party applications (Ads are a perfect example) are completely at risk because of the third-party application. Oftentimes, a developer of an ad (or any type of content, for that matter) is put on a short deadline to produce that content or code. Their goal is to complete the work and get paid. This often comes at the expense of shoring up the code to make sure there are no vulnerabilities within. As such, when you are hosting third-party applications on your site, you are exposing yourself to a major breach. PBS Kids recently experienced a breach on their “Curious George” website in exactly this fashion. Not exactly the type of site you would expect an attack to come from.

Fortunately for those companies hosting third-party content, there are solutions. Some of these include Web Application Firewalls and Web Application Filtering, which look at the content of the sites to make sure that there is no rogue code embedded in the applications or ads.
The workplace having expanded to home use and mobile devices have also opened up another can of worms. I recently talked to a CIO at a leading national restaurant corporation who told me that their main security priority last year was securing the perimeter, meaning, Wi-Fi access at their restaurants. There were a few ways to do that, and their idea was to have the internet access provided by the franchise owner and not the corporation. That works, but it still leaves the franchise owner more exposed than they would necessarily like, while probably having no idea that they are even at risk. One solution, in this instance, would have been a hosted edge protection that would have provided Data Loss Prevention, Intrusion Protection and the Anti-Virus/Firewall needs that the individual franchise owner would need. The key is to gain an understanding of the various technologies available to combat these growing threats and stay ahead of the bad guys.
I hope that this article has provided an overview of these threats and some base solutions that can help you.
About the Author:
Eric Blaier is the founder of Integrated Business Services, Inc., an Atlanta-based Web Security and Business Continuity consulting firm. His client roster includes numerous Fortune 500 clients in the healthcare, finance, technology, consumer goods, and consumer services sectors.
He can be reached at sales@integratedbusinessservices.net or www.integratedbusinessservices.net