Adaptive security the way to go in current APT landscape: Symantec
- 21 September, 2012 11:17
The threat landscape is the most challenging it has ever been, according to Symantec managed security services (MSS) director, Peter Sparkes.
More sophisticated external attacks, as well as targeted malware attacks like Stuxnet, have contributed to the increasing threat concerns, he said.
“People also have to contend with malicious insiders, WikiLeaks being the famous example, and well meaning insiders,” Sparkes said. “There is also increasing financial brand risk associated with security threats.”
He also highlights how the drive to Cloud-based infrastructure and services, along with the adoption of virtual infrastructure, is complicating things for some.
Round the clock
According to Sparkes, Symantec addresses these challenges by providing threat visibility round the clock.
“Other [challenging] factors include geopolitics as motivation, leveraging of social media, well funded initiative, and cyber criminals being patient,” Sparkes said.
He adds that adaptive security is the way to combat these threats, with a focus on intelligence, context, and visibility. Symantec MSS provides enterprise-wide support of devices and technologies, pricing and business models.
“Multiple, different partners can resell our services,” Sparkes said.
One case that MSS had been involved with was an infected CCTV system that belonged to a client.
“MSS detected an outbound connection attempt to a known phone home IP address via a limited number of firewall ‘accept’ logs,” Sparkes said.
When the customer investigation was carried out, the customer initially insisted the infection was not possible, as the hosts were isolated with no inbound access and no web surfing/email allowed.
“However, the systems were identified as Windows 2003 Servers that were infrequently patched, due to concerns with interoperability of the CCTV camera software running,” Sparkes said.
MSS analysts eventually convinced the customer to host a conference call and determined the infection vector was a USB drive.
“The vendor had performed a software update on the day the activity was first observed,” Sparkes said.