Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
news<br />
BUSINESSES BEGIN TO FIGHT BACK<br />
Darren Anstee<br />
More than half of firms (57%) have<br />
experienced a cyber-attack in the past year<br />
and two in five (42%) have had to deal with<br />
two or more. That's the finding of Hiscox's<br />
latest Cyber Readiness Report, compiled from<br />
a survey of more than 3,000 executives,<br />
departmental heads, IT managers and other<br />
key professionals in the UK, US and Germany.<br />
Larger companies, particularly those in the US,<br />
are targeted most often.<br />
The average cost of the largest cyber security<br />
incident experienced ranges from 22,000<br />
euros for very small German companies to<br />
US$102,000 for very large US companies –<br />
somewhat lower than the headline figures<br />
often seen. It takes time to get back to<br />
'business as usual' though. While three out of<br />
five businesses (62%) took less than 24 hours<br />
to uncover their biggest cyber incident in the<br />
past 12 months, and a quarter (26%) did so<br />
within an hour of its occurrence, nearly half<br />
(46%) of businesses took two days or more to<br />
get back to business as usual.<br />
"As Hiscox reported, the impacts of a<br />
successful attack are multi-dimensional, with<br />
some costs being immediate and some more<br />
long lived," said Darren Anstee, chief security<br />
technologist at Arbor Networks. "Our latest<br />
research found that brand damage was the<br />
most commonly cited impact of a DDoS attack,<br />
beating out even operational expense. While<br />
this is not a good thing in and of itself, we are<br />
seeing increasing proportion of organisations<br />
factoring cyber threats into their business and<br />
IT risk assessment processes, which should lead<br />
to the right investments being made in<br />
defensive solutions and services."<br />
TOP PHISHING TARGETS: GOOGLE, YAHOO AND APPLE<br />
The 2017 Webroot Threat Report has<br />
revealed that, for every new phishing URL<br />
impersonating a financial institution, there<br />
were more than seven impersonating<br />
technology companies – a significant<br />
change since 2015 when the ratio was less<br />
than one to three.<br />
This increase may indicate that it is easier<br />
to phish a technology account and that, due<br />
to password reuse, they can be more<br />
valuable to hackers as a gateway to other<br />
accounts. The top three phishing targets in<br />
2016 were Google, Yahoo and Apple.<br />
Hal Lonas, chief technology officer at<br />
Webroot, commented: "It's clear that relying<br />
on threat lists, virus signatures, and<br />
simplistic rules for protection is wholly<br />
insufficient against a threat landscape that is<br />
constantly evolving. Proven, real-time<br />
machine learning-based analysis that<br />
PALO ALTO NETWORKS SEES THE LIGHT<br />
Mark McLaughlin<br />
Palo Alto Networks has acquired LightCyber,<br />
a privately held cybersecurity company<br />
that has developed highly automated and<br />
accurate behavioural analytics technology,<br />
for $105 million in cash.<br />
Palo Alto Networks will continue to offer<br />
the LightCyber products and also support<br />
existing customer implementations while it<br />
Hal Lonas<br />
includes an understanding of threat<br />
behaviour and context is necessary for<br />
accurate decision making and protection<br />
from today's threats."<br />
engineers the technology into the Palo<br />
Alto Networks Next-Generation Security<br />
Platform by the end of the calendar year.<br />
Bringing behavioural analytics to the<br />
platform will enhance its automated<br />
threat prevention capabilities and the<br />
ability for customer organisations to<br />
prevent cyber breaches throughout the<br />
entire attack lifecycle.<br />
"The LightCyber team's vision to bring<br />
automation and machine learning to bear<br />
in addressing the very difficult task of<br />
identifying otherwise undetected and<br />
often very sophisticated attacks inside the<br />
network is well aligned with our platform<br />
approach," said Mark McLaughlin,<br />
chairman and CEO of Palo Alto Networks.<br />
"This technology will complement the<br />
existing automated threat prevention<br />
capabilities of our platform to help<br />
organisations not only improve, but also<br />
scale their security protections to prevent<br />
cyber breaches."<br />
6<br />
computing security March/April 2017 @CSMagAndAwards www.computingsecurity.co.uk