Ignoring it doesn’t mean that there aren’t massive cyberthreats

23.01.2012 by Martin Kuppinger

The hot topic in IT (and beyond, for many organizations) in 2012 will be Security, including all its facets such as Identity and Access Management, SIEM (Security Information and Event Management), Anti-Virus and IDS/IPS (Intrusion Detection/Prevention Systems), and all the other components. That will also give the GRC market (Governance, Risk Management, Compliance) another strong push, because GRC tools are increasingly used to define and manage security controls in a consistent way. GRC is becoming the business interface to security management, translating the complex information for the business and providing a consistent insight. This consistency is mandatory for a holistic view on increasingly complex attack scenarios.

The reason why security will be the topic in IT this year is simply that the number of attacks from the Internet is increasing. In popular terms this frequently is named “cyberwar”. However, most of it isn’t war; most of it is organized crime. So we should be careful with the term “war” in that context.  Nevertheless, there are more cyberthreats than ever before. More precisely, there are many groups of attacks on the Internet. Governments are attacking other countries – as (most likely) in the Stuxnet case. Hacker groups are attacking states and industries, as in the recent Symantec source code leak, which appears to have been an attack of an Indian group of hackers against an Indian government agency or in the recent Anonymous attack targeted against the finance industry. And many different groups, from nation-states to politically-inspired hacker groups to organized crime, are attacking companies. The reported numbers of large companies having been attacked in 2011 is coming close to 100%. There is an increasing number of attacks against SCADA (Supervisory Control And Data Acquisition)  systems, i.e. systems controlling industrial environments and the likes.

There are different motivations of attackers. There is the “war” part, which most likely runs as part of a bigger “hidden war” (think about the recent killing of an Iranian expert from the nuclear industry) for example between Israel and Iran. There are the criminals, looking for money. There are the hackers, looking for honor and glory, for acceptance, for domination; following their social or political targets, they are also attacking a lot of different targets.

Regardless of the motivations, the game has fundamentally changed during the past two years. And I’m convinced that what we see is only the tip of the iceberg – and only the beginning. However, in 2011 not only the threats have increased but also (fortunately) the awareness of organizations has increased as well. Nevertheless, there is a significant gap between the level different attackers have reached and that of the potential targets. So the potential targets have to react and invest in security.

As I’ve written in several of my other posts, especially around SIEM and the need for holistic security concepts, it is mandatory to address the growing security challenges with a holistic perspective. APTs (Advanced Persistent Threats) are proving that attacks are getting more complex and sophisticated – and that there is no way to counter them with a single layer of security.

If you want to learn more about these issues, EIC 2012 is the conference to attend. See you in Munich in April.


Services
© 2014 Martin Kuppinger, KuppingerCole