Latin America. As the name implies, these types of next-generation threats have a common denominator: they are evolutionary. Years ago, we observed viruses that infiltrated our computer equipment in a sustained manner and made it difficult for us to use, in addition to sometimes damaging it. These were relatively small and "innocent" threats.
The difference between those days and what we find today is that current threats are not looking to become visible or to boast about their ability to violate the security of an organization, to advertise, or to alter the virtual environments in which we work. Today, computer attacks are economically motivated, which generates a malicious microeconomy around the capabilities of computer attackers or "hackers". Like us in the office, they work set shifts and allocate specific economic and technical resources to achieve, within set periods of time, a breach of computer security for economic purposes.
These new threats, or Advanced Persistent Threats (APTs), are characterized mainly by actors and methodologies that seek to pass under the security detection radar of organizations. A worrying statistic for the IT industry is that a consistent computer attack can go undetected for up to 6 months. It is as if we are sleeping with the enemy: criminals who are not only extracting our information but analyzing and sharing it for economic purposes, putting at risk the permanence of organizations, employees and their customers.
IT manufacturers are becoming aware of the evolution of APTs and are trying to mitigate threats from different technological approaches. However, from my point of view, there is no consistency in the sense of strategic effectiveness that security solutions must provide. Each of these manufacturers puts a lot of energy into taking care of a part of the battlefront with a specific type of technology for certain attacks, which is correct, but at the same time, they neglect other aspects of security that their solution or set of solutions does not contemplate because of the way it was created. Security solutions are not integrated and are not communicating with each other.
The recommendation is to avoid seeing security in silos, from an isolated point of view, and instead to integrate each of the solutions within the organization so that they work together to achieve a common goal.
The intricacy of today's network infrastructures makes it more complex to protect the various assets they integrate: databases, files, banking information, etc. This demands different solutions within network security management.
Technology integrators, who are responsible for bringing network administrators the various solutions they have, must understand the business of their customers and the role they play in the productive industries in which they operate. Today more than ever, the IT industry needs consultants with the vision to understand the current situation and anticipate the possible threats that customers may face in the future, derived from the nature of their business and the IT risks it entails.
The key to protecting against APTs is to give the security tools already in organizations' networks the visibility they need to do their jobs better. Gigamon's proposal to the industry is to set up a visibility factory that is robust and agnostic, a key feature for achieving total visibility, since it does not conflict with any security tool from any manufacturer (firewalls, IPS, antimalware, etc.). The aim is to exploit the best of each tool, helping them to access more points within the network so that they do their job better and make decisions in shorter periods of time.
There are traditional security architectures, with special places within the network for various security tools, such as a firewall. Although a network administrator knows what it is for, it is important to know whether it is placed in the right place on the network. The most important trend in the world of network security is visibility. This new landscape responds to the way computer criminals attack, which is by lodging themselves without being detected.
On February 24, Gigamon rang the bell of the New York Stock Exchange (NYSE), which began one of the most important campaigns against cybercrime in the world, disseminated globally under the title #wefightsmart. The campaign brings together the leading manufacturers in the security industry, united against computer attacks. This movement responds to the trend in evolutionary threats that daily violate companies of all sizes and sectors.
Latin America must make much more progress in the field of network security to protect itself from a growing number of new-generation threats. Effective, not necessarily onerous, investments in security are needed; the damage and consequences of a computer attack will always be higher than the investment.
Text written by Jorge Herrerías, Senior Security Sales Engineer for Gigamon.