The rapid growth of devices and associated attacks aimed at mismanaged or unpatched devices, in conjunction with unsuspecting users, is proving difficult to keep up with. J2 Software has launched a range of solutions geared to meet these challenges.
“Every day new devices are being added to the corporate environment bringing new threats and vulnerabilities in the picture. This is why we push for visibility of organisations’ entire environment and this must go beyond the corporate network in our modern, hyper-connected society,” says J2 Software MD, John Mc Loughlin.
He emphasises that systems live in-house and in the cloud with data being accessed and managed on several devices in numerous locations. “Without visibility, you will not even know if something has been lost.
“When a new vulnerability is discovered it is clear that the cyber-criminals respond faster than most organisations and they make sure they exploit every new opportunity possible,” says Mc Loughlin.
He emphasises that what you don’t know will definitely hurt you or even kill your business through reputational damage.
“It is clear to me that cyber security and compliance continues to be a massive challenge for many organisations. Attackers are getting more sophisticated in their attacks and most people are defending in the same way they always have. What astonishes me is why they are not driven to change how they are doing things in the face of ongoing failure to stop the problem.”
Mc Loughlin notes there are new threats which are thrown into the mix every day and adds: “simply put, without visibility there is no proven way to respond and remediate these threats in any meaningful amount of time. Depending which research paper you read the average organisation takes anywhere from 160 to 229 days to realise there has been a breach. That is almost longer than it takes the latest mobile device to become obsolete.
“So how is this possible today when there are so many security solutions available? The answer is clear – it is because people are using 10 year old thinking to defend against current threats. There is no data correlation and even less automation.”
He says in most situations leading firewall technologies are deployed and internet protection; which is then rendered useless through poor configuration and/or unmonitored access outside of the traditional corporate network. “There is very little verification conducted on existing defence systems and often once any tool is deployed, the tick box is checked and it is forgotten. Well, at least until they are notified of the breach and their data is being thrown around the web with abandon.
“Whether it is poor configuration, malware, insider threats, data loss or disgruntled users – visibility is the key to identify system misuse; unpatched machines and solution misconfiguration. It is just impossible to believe you are secure and compliant if you do not know where people access systems or the actual assets connected to your environment. Without total visibility companies will always find themselves in the role of the fireman – constantly battling and putting out fires, rather than continually improving their security landscape.”
Mc Loughlin says real time visibility is the only way to identify anomalous behaviour, highlight changes and instantly respond to attacks. “Businesses cannot prevent threats; they will unquestionably continue and even intensify. However, visibility gives businesses the capability to respond immediately,” Mc Loughlin concludes.