An information security blueprint, part 1
Symantec's Francis deSouza lays out the requirements for a more practical way of addressing information security threats
By Francis deSouza, Senior Vice President, Enterprise Security Group, Symantec Corp.
May 03, 2010 — CSO
The recent Hydraq attacks were the latest example of just how radically the Internet threat landscape has changed over the past few years, and how vulnerable companies and their information stores are to cyber attacks. The attackers were not hackers; they were criminals attempting to steal intellectual property. Hydraq is an example of how cybercrime has evolved from hackers simply pursuing public notoriety to covert, well-organized attacks that leverage insidious malware and social engineering tactics to target key individuals and penetrate corporate networks. Many of today's attacks are highly sophisticated espionage campaigns attempting to silently steal confidential information. This should raise the alarm for companies of all sizes and across all industries, as information is a business's most valuable asset. Information not only supports business, it also enables and helps drive it in a global marketplace in which having the right information at the right time can mean the difference between profitability and loss.
However, while information security has never been more important, it has also never been more challenging. Businesses have more information to protect at more points against more threats than ever before. In such an environment, businesses can build an effective defense only after they first understand the peculiarities of today's threat landscape and then identify their own specific areas of vulnerability. Armed with this information, organizations can then develop an information security blueprint that is right for them—one that is comprehensive, proactive, enforceable, and manageable.
More Threats, More Complexity
Today's headlines are rife with accounts of information security threats and data breaches, and this alarming trend is clearly borne out in statistics as well. For example, in 2009, Symantec identified more than 240 million distinct new malicious programs, a 100 percent increase over 2008.
However, viruses, worms and other types of malicious code are not the only threats to information today. Businesses now are also at risk from botnets, phishing attacks, and spam. Sixty percent of all data breaches that exposed identities were the result of hacking. In a sign that this issue is not limited to a few larger enterprises, the 2010 Symantec State of Enterprise Security Report found that 75 percent of enterprises surveyed experienced some form of cyber attack in 2009. And spam made up 88 percent of all email observed by Symantec. Of the 107 billion spam messages distributed globally per day on average, 85 percent were from botnets, according to the Symantec Internet Security Threat Report.