Channel should focus on threat vectors, not threats

23 Feb 15

It’s not about the threats, it’s about the threat vectors, Mike Romans, Barracuda Networks ANZ country manager says. He highlights some key trends.

There were a handful of high-profile threats last year, such as Heartbleed, Shellshock and Cryptolocker. However, if there’s one way to describe what we can expect in 2015, it’s this: It’s not about the threats, it’s about the threat vectors.

There are six threat vectors that need to be secured for total threat protection. These are email, web applications, remote access, web browsing, mobile internet and network perimeters, including public and private clouds. All these threat vectors suffer from a combination of spoofing, phishing, viruses, spam, SQL injections, brute force attacks, IP spoofing and social engineering.  

While many system administrators are trained to mitigate historical threats and defend their systems accordingly, the problem is that the automated threat landscape attacks all threat vectors simultaneously.

Administrators must protect all network and data protection vectors, but resellers also have a great opportunity to work with their customers to mitigate the risk to any threat vector that could be exposed.

Four trends

Attack surfaces will change

As companies move from physical to virtual to public cloud to SaaS, their attack surfaces change accordingly.

An infrastructure upgrade may add multiple attack surfaces, all of which have to be secured. For example, companies that migrate from an on-site Microsoft Exchange Server to Office 365 have added a new attack surface across multiple threat vectors, including email and web application threat vectors.

Increased attacks related to mobile access and web applications

Mobile internet is particularly vulnerable to phishing and social engineering attacks. Mobile devices are constantly moving between secure corporate networks and unsecure home or public Wi-Fi.

A continued rise in web application attacks and DDoS incidents

The web application vector is the attack surface that is currently the least understood by most IT administrators and is generally the most exposed.

Many companies attempt to secure this threat vector with the wrong technology, like a network firewall, which can protect Layer 4 protocols and even do deep packet inspection.

However, truly protecting against web application layer attacks generally requires terminating the HTTP or HTTPS protocols and often rewriting traffic to identify and mitigate threats.

Just as a network firewall is not designed to stop spam, it is also not designed to stop web application attacks. This type of misunderstanding leaves the threat vector exposed to attack, and gives the administrator a false sense of security.

Any increases in IT security budgets will be insufficient for ‘business as usual’

Administrators will continue to be required to do more work with fewer resources, and attempts to either ‘go without’ protections along key threat vectors or to manage a patchwork of disparate security systems will leave their organisations at risk.
