Putting app security centre stage

Martin Walshaw, Senior Engineer at F5 Networks.

A strong performance lives long in the memory. It is the ticket that ensures audiences return wanting more. In business, every company survives on delivering complete customer satisfaction, yet one bad experience can undermine confidence and trade can quickly head for the nearest exit. Threat actors committed some of the largest data breaches of the last year, and analysts report that more than one billion customer records were accessed globally. The trend is upward and shows no sign of slowing. With cybercrime challenging traditional operational practices, now is the time for app security to take centre stage to protect vital data and safeguard business performance.

Time to act

Credentials are the big prize for threat actors. Once stolen, the data is either monetised directly or sold on the black market. Hacktivist groups such as Anonymous also use the same tooling as financially motivated cybercriminals to find website vulnerabilities and gain unauthorised access, or to launch distributed denial-of-service (DDoS) attacks. The problem for many firms is that the digital economy moves at a pace that makes managing security and risk a constant challenge.

Analyst firm Gartner recently stated that by 2020, 60% of digital businesses will suffer major service failures due to the inability of IT security teams to manage digital risk. It also predicts that data traffic will increasingly flow directly from mobile devices to the cloud, bypassing enterprise security controls entirely. Significant shifts in culture, behaviour and technology are required throughout the organisation.

The stage is set for security executives to operate more like intelligence officers and trusted advisors. A comprehensive overview of the threat landscape delivers valuable insight. Understanding how each player plays their part is crucial to ensuring that the right skills and systems work in harmony to tackle a major breach. The key is to keep your audience happy: with a robust ecosystem of app security and cloud solutions in place, firms can ensure their customers’ data is safe and properly managed.

Interestingly, 90% of today’s security budgets are still spent on protecting everything except user identities and the applications that matter. Now is the time to take a different approach and shift cybersecurity investment towards detection and response. It is more effective to stop trying to protect every corner of IT equally and instead focus on what matters: detecting and tackling malicious behaviour and incidents. From a position of knowledge, organisations can concentrate on the threats to which they are most exposed.

Top tips to keep the performance on schedule:

  • Gain full visibility into critical data. Keep business-critical applications up and running by protecting against both network-level and application-level DDoS attacks, minimising the business impact of volumetric and encrypted attacks. Cheap-to-rent bots with plug-and-play attack tooling, and now IoT botnets, make it easy for attackers to launch attacks that reach terabit-per-second scale. Visibility brings value.
  • Comprehensive protection. Use an ecosystem of security solutions that covers mitigation from Layer 4 upwards, including flaws in business logic that bots can exploit (anti-fraud) and the full range of DDoS vectors. Respond to new DDoS techniques immediately by using custom rules that filter traffic on any part of the request content, and use the same mechanism to detect and block exploitation of zero-day vulnerabilities before the application itself can be fixed.
  • Implement and monitor strong access management controls. Reduce the sprawl of user identities by enabling single sign-on, so that fewer passwords are stored insecurely across multiple critical systems. Validating and authenticating users is vital to ensure that bad actors and unknown parties cannot reach applications.
  • Implement multifactor authentication (MFA) for access to the network and to applications, because identities do get compromised. Sooner or later a user will be phished, and without MFA that single stolen password is enough to breach the network, applications and data.
  • Implement fraud protection. Encrypt sensitive fields in the browser as the user types, so that the real values are hidden from browser-based key loggers and form-grabbing malware. This protects field contents inside the browser only; it complements, rather than replaces, TLS and server-side controls.
  • Do not use weak or default username and password combinations (admin:password). Limit brute-force attacks by locking an account after six failed login attempts, combined with rate limiting by source so that lockouts cannot themselves be used to deny service to legitimate users. Hashing passwords does not stop online guessing or credential stuffing, and a fast, unsalted hash offers little protection once the database is stolen; store passwords with a slow, salted hash (bcrypt, scrypt or PBKDF2) and still enforce the controls above.
  • Automate web application vulnerability management. There is always a window between a vulnerability being found and the application being fixed; a web application firewall (WAF) can virtually patch the flaw during that window by blocking requests that attempt to exploit it. A WAF needs routine tuning by an experienced engineer, which is why many organisations opt for a managed WAF service rather than hiring in-house expertise to cover 24x7x365 operations.
  • Implement a culture of security. Attitudes to risk and a firm’s culture of care around security are often as important as having robust technology in place. A data breach is not always the work of a threat actor: any unencrypted personal information acquired by an unauthorised person can be classified as a breach.
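As an added example (not code from the article or from F5), here is a minimal Python login back end that applies the credential tips above: weak and default passwords are refused, passwords are stored as slow salted PBKDF2 hashes, an account locks after six consecutive failures without revealing whether the password was right, and a stolen hash is shown being attacked offline with a dictionary so the limits of hashing are visible. The lockout window, minimum length, iteration count, user names and passwords are assumptions made for the demonstration.

```python
# Added example (not the article's or F5's code): login handling that
# follows the credential tips above.  Policy values below are assumed.
import hashlib
import hmac
import os
import time
from typing import Optional, Tuple

MAX_FAILED_ATTEMPTS = 6          # the article's figure
LOCKOUT_SECONDS = 15 * 60        # assumed lockout window
PBKDF2_ITERATIONS = 100_000      # kept low so the demo runs quickly;
                                 # OWASP (2023) recommends 600,000 for SHA-256
MIN_PASSWORD_LENGTH = 12         # assumed policy
WEAK_PASSWORDS = {"password", "admin", "123456", "welcome", "letmein"}  # constructed denylist


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest) using PBKDF2-HMAC-SHA256 with a per-user random salt."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


def is_weak(password: str) -> bool:
    """Reject default/dictionary passwords and anything below the length policy."""
    return len(password) < MIN_PASSWORD_LENGTH or password.lower() in WEAK_PASSWORDS


class AccountStore:
    """In-memory user store; `now` is injectable so lockout expiry can be tested."""

    def __init__(self, now=time.monotonic):
        self.now = now
        self.users = {}

    def register(self, username: str, password: str) -> None:
        if is_weak(password):
            raise ValueError("weak or default password rejected")
        salt, digest = hash_password(password)
        self.users[username] = {"salt": salt, "hash": digest,
                                "failures": 0, "locked_until": 0.0}

    def login(self, username: str, password: str) -> str:
        """Return 'ok', 'denied' or 'locked'; never reveal which part failed."""
        user = self.users.get(username)
        if user is None:
            # Hash anyway so unknown users cost the same time as real ones.
            hash_password(password, b"\x00" * 16)
            return "denied"
        if self.now() < user["locked_until"]:
            return "locked"          # password is not even checked while locked
        _, candidate = hash_password(password, user["salt"])
        if hmac.compare_digest(candidate, user["hash"]):
            user["failures"] = 0
            return "ok"
        user["failures"] += 1
        if user["failures"] >= MAX_FAILED_ATTEMPTS:
            user["locked_until"] = self.now() + LOCKOUT_SECONDS
            user["failures"] = 0
            return "locked"
        return "denied"


def offline_dictionary_attack(salt: bytes, digest: bytes, guesses) -> Optional[str]:
    """What an attacker holding a stolen (salt, hash) pair can do: run each
    guess through the same slow KDF.  A weak password still falls; a strong
    one costs PBKDF2_ITERATIONS hashes per guess, which is the protection
    hashing actually buys."""
    for guess in guesses:
        if hmac.compare_digest(hash_password(guess, salt)[1], digest):
            return guess
    return None


if __name__ == "__main__":
    clock = [0.0]
    store = AccountStore(now=lambda: clock[0])
    store.register("alice", "correct horse battery staple")
    for _ in range(MAX_FAILED_ATTEMPTS):
        print(store.login("alice", "hunter2"))                   # denied x5, then locked
    print(store.login("alice", "correct horse battery staple"))  # locked (right password, still opaque)
    clock[0] += LOCKOUT_SECONDS + 1
    print(store.login("alice", "correct horse battery staple"))  # ok
    salt, digest = hash_password("password")                     # a hashed default password
    print(offline_dictionary_attack(salt, digest, sorted(WEAK_PASSWORDS)))  # recovered at once
```

The lockout path returns before the password is checked, so a locked account looks the same to the attacker whether or not the guess was right; the "unknown user" path runs the hash anyway so response time does not leak which usernames exist. The offline attack at the end is the reason the tip above is phrased the way it is: a salted, slow hash makes guessing expensive, but it cannot rescue a password that is on every attacker's list.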

Finale

Cybersecurity is a continuous process of identifying, assessing and remediating threats and weaknesses, and of analysing, modelling and simulating their potential impact. Securing applications is the key to safeguarding data and protecting business performance. The true measure of an organisation is how it responds to threat actors and cybercrime. With an effective ecosystem of security solutions and services, we can bring the curtain down on cybercrime more quickly, enjoy a better performance from our daily operations and keep our audience safely protected. Now that’s worth a round of applause.

By Martin Walshaw
