CS1703

news
BUSINESSES BEGIN TO FIGHT BACK
Darren Anstee
More than half of firms (57%) have
experienced a cyber-attack in the past year
and two in five (42%) have had to deal with
two or more. That's the finding of Hiscox's
latest Cyber Readiness Report, compiled from
a survey of more than 3,000 executives,
departmental heads, IT managers and other
key professionals in the UK, US and Germany.
Larger companies, particularly those in the US,
are targeted most often.
The average cost of the largest cyber security
incident experienced ranges from 22,000
euros for very small German companies to
US$102,000 for very large US companies –
somewhat lower than the headline figures
often seen. It takes time to get back to
'business as usual' though. While three out of
five businesses (62%) took less than 24 hours
to uncover their biggest cyber incident in the
past 12 months, and a quarter (26%) did so
within an hour of its occurrence, nearly half
(46%) of businesses took two days or more to
get back to business as usual.
"As Hiscox reported, the impacts of a
successful attack are multi-dimensional, with
some costs being immediate and some more
long lived," said Darren Anstee, chief security
technologist at Arbor Networks. "Our latest
research found that brand damage was the
most commonly cited impact of a DDoS attack,
beating out even operational expense. While
this is not a good thing in and of itself, we are
seeing increasing proportion of organisations
factoring cyber threats into their business and
IT risk assessment processes, which should lead
to the right investments being made in
defensive solutions and services."
TOP PHISHING TARGETS: GOOGLE, YAHOO AND APPLE
The 2017 Webroot Threat Report has
revealed that, for every new phishing URL
impersonating a financial institution, there
were more than seven impersonating
technology companies – a significant
change since 2015 when the ratio was less
than one to three.
This increase may indicate that it is easier
to phish a technology account and that, due
to password reuse, they can be more
valuable to hackers as a gateway to other
accounts. The top three phishing targets in
2016 were Google, Yahoo and Apple.
Hal Lonas, chief technology officer at
Webroot, commented: "It's clear that relying
on threat lists, virus signatures, and
simplistic rules for protection is wholly
insufficient against a threat landscape that is
constantly evolving. Proven, real-time
machine learning-based analysis that
PALO ALTO NETWORKS SEES THE LIGHT
Mark McLaughlin
Palo Alto Networks has acquired LightCyber,
a privately held cybersecurity company
that has developed highly automated and
accurate behavioural analytics technology,
for $105 million in cash.
Palo Alto Networks will continue to offer
the LightCyber products and also support
existing customer implementations while it
Hal Lonas
includes an understanding of threat
behaviour and context is necessary for
accurate decision making and protection
from today's threats."
engineers the technology into the Palo
Alto Networks Next-Generation Security
Platform by the end of the calendar year.
Bringing behavioural analytics to the
platform will enhance its automated
threat prevention capabilities and the
ability for customer organisations to
prevent cyber breaches throughout the
entire attack lifecycle.
"The LightCyber team's vision to bring
automation and machine learning to bear
in addressing the very difficult task of
identifying otherwise undetected and
often very sophisticated attacks inside the
network is well aligned with our platform
approach," said Mark McLaughlin,
chairman and CEO of Palo Alto Networks.
"This technology will complement the
existing automated threat prevention
capabilities of our platform to help
organisations not only improve, but also
scale their security protections to prevent
cyber breaches."
6
computing security March/April 2017 @CSMagAndAwards www.computingsecurity.co.uk