Own the vulnerability; don’t blame the threat, is Gartner’s advice. Fingers have been pointed at China and Russia (amongst others) for some of the recent cyber attacks – but the techniques used are not new.
In Gartner’s last report – Strategies for Dealing with Advanced Targeted Threats – it is clear that security has to evolve to combat the increase in these types of attacks.
“The reality is that the most important issues are the vulnerabilities and the techniques used to exploit them, not the country that appears to be the source of the attack,” said John Pescatore, vice president and distinguished analyst at Gartner.
Simple, signature-dependent security approaches are not the answer to the level of tailoring and targeting that the new threats present.
Denial of service, theft of information – these are techniques that cyber criminals have worked on for years – and Gartner are clear in their message.
“Targeted attacks are penetrating standard levels of security controls and causing significant business damage to organisations that do not evolve their security controls,” said Pescatore.
The message is to reduce vulnerabilities, increase monitoring capabilities, and react quickly to evolving threats – resulting in everyone from teenagers to state-backed attackers hitting a brick wall.
“The use of specialised threat detection, network forensics and situational awareness technologies can be very effective…but require high levels of skilled resources to be effective.” Pescatore added.
A ‘lean-forward’ approach is needed towards security where the business is constantly looking beyond the standard level of security, and active threats are continuously being monitored.
However, investment is the key to the lean-forward processes, but also a company has to be able to take action if a breach is discovered.