You have been hacked! Those are four words that no organisation wants to hear – ever. The reality is that all organisations are vulnerable to cyber criminals activities. According to a recent article by Kelly Sheridan ( Dark Reading), the Cybercrime Economy Generates $1.5 Trillion a Year!
That’s a mind blowing figure. In this article, I share some thoughts as to why the current mechanisms of fighting back against cyber attacks are not working. Read on.
There are many reasons why cyber criminals appear to be winning the fight and reaping the rewards. For one, it is clear that cybercrime pays and most of those criminal organisations now run like legitimate businesses with organised operations, strategies, support, and profits reinvested into research and development efforts.
Those criminal organisations are not much different to security software vendors that are continuously looking for issues and provide updates to patch vulnerabilities and security flaws. It’s an always on race.
Lack Of A Fully Integrated Security Ecosystem
Cybersecurity Ventures listed 500 of the world’s hottest and most innovative cybersecurity companies to watch in 2017. From Adaptive Security Platforms, Email Security products, to Anti-Virus & Malware Protection, the list is huge. Which one should you use and for what purpose? Will your chosen product integrate well with other security vendors? How do those products compare? There are a lot of considerations that each organisation have to take into account. From the total cost of ownership of the product, ease of use, quality of service, support, etc. In any case, 500 security vendors is a huge menu to select from.
Network & Security Managers have the challenging task of assessing multiple vendors and selecting the product and services that match their organisation’s needs. Not an easy task in a very crowded
and noisy cyber security market place. Security analysts have been predicting for a while that the entire cyber security industry is ripe for consolidation. The same thing happened in other sectors like manufacturing, systems management, enterprise applications, and telecommunications. So it makes sense that the cyber security industry will go through the same process.
More Integration, More Consolidation, Less Security Vendors
What is needed is for more security vendors to work together for better integrated solutions and services in order to fight back cyber attacks and cyber crime more effectively. The time for single point solutions is coming to an end. Cyber criminals are coordinating, sharing tools, and intelligence to run effective campaigns and are increasingly reaping huge rewards. This is validated by the relentless and growing number of successful cyber attacks reported in the media on a regular basis.
Humans & Machines Working Together As One
Fundamentally software will continue to have vulnerabilities that can be exploited by malicious attackers for their own gains. As software developers get more adept at secure coding, it is expected that vulnerabilities will steadily diminish but cannot be avoided altogether. Machines are very good at boring and repetitive tasks but lack context and insights. Humans are very good at contextualising and finding solutions in creative ways but lack the repetitive stamina to conduct boring tasks consistently. As machines carry more and more automated security analysis to look for vulnerabilities in various systems, both humans and machines must work together.
Fully Integrated & Coordinated Cyber Defence Infrastructure
Organisations will need to find better ways to integrate their entire cyber security infrastructure and ecosystem in order to respond better and faster to cyber attacks. Like criminal organisations, companies that are serious about cyber security will have to use a defence-in-depth strategies that include a fully integrated security infrastructure that is working as one effective defence system. They should combine traditional network defence mechanisms such as firewalls, intrusion detection systems, endpoint protection, web application firewalls, etc. with external threat intelligence methods, and
Much of the money is reinvested in new criminal ventures. Criminals put about 20% of their revenues into additional crime, indicating up to $300B is used to drive illegal activity.
adaptive threats response, in order to stay one step ahead of cyber criminals.
The cyber security industry is ripe for consolidation. Too many security vendors. Too many products. What is required is a fully integrated approach to cyber security, where humans and machines work as one, in an self-automated and coordinated manner in order to fight back effectively against the relentless and ever growing cyber threats.
At iCyber-Security, we have developed the iCyber-Shield Enterprise Cyber Defence Platform that allows you to manage, automate, respond, and orchestrate your entire cyber security infrastructure from a single command and control interface, ensuring that ALL your business critical digital assets are secure and always available – 24/7!
Marco Essomba is a Certified Application Delivery Networking and Cyber Security Expert with an industry leading reputation. He is the founder and CTO of iCyber-Security Group, a leading edge UK based cyber security firm providing complete and cost effective digital protection solutions to SME’s. iCyber-Security’s cyber defence platform (iCyberShield) gives total visibility & control over your entire security infrastructure. The product is listed on the London Digital Security Centre MarketPlace. Let’s connect on Twitter: 33K+ followers –> @marcoessomba Let’s connect on LinkedIn: 11K+ followers: https://uk.linkedin.com/in/marcoessomba