Throwing away the key

Wayne Hull, general manager for Cisco UAE takes a look back at the security issues that have shaped the IT landscape this year

Tags: Cisco Systems IncorporatedUnited Arab Emirates
  • E-Mail
Throwing away the key Wayne Hull, CEO Cisco UAE: "The recession has created new moneymaking opportunities for at least one group of ‘entrepreneurs'— identity thieves".
By  Julian Pletts Published  November 24, 2009

Wayne Hull, general manager for Cisco UAE takes a look back at the security issues that have shaped the IT landscape this year and also contemplates threats to come in 2010 and how enterprises should continue to fortify their networks.

What you think have been the major threats to surface and potentially affect enterprises in the Middle East region over 2009?

As the global economy struggles to regain its footing, one moneymaking sector remains healthy-online crime. This sector embraces technical innovation, collaborates with like-minded enterprises to develop new strategies for generating income, and continues to demonstrate adoption of the best legitimate business strategies to maximize profits.  Online criminals are up on current events and making the most of them.  For example, after the outbreak of H1N1 influenza in April, cybercriminals quickly blanketed the Web with spam that advertised preventive drugs and linked to fake pharmacies. Cybercriminals will often seize on major news events to launch this type of attack.  While many spammers continue to operate with extremely high volumes, some are opting for lower-volume but more frequent attacks in an effort to remain under the radar.

Attacks are now driven by profit, not just notoriety.  With this increased focus on the profit motivated attack there comes new methods of attack, making the profit motivated attack even more difficult to defend against.  Attackers now often operate slowly and over a longer period of time, using a stealth approach to obfuscate the actions that can eventually lead up to a successful, and profitable, attack.

On the other hand, employees in the Middle East and indeed around the globe are using business networks to communicate, collaborate, and access data. Businesses eager to increase productivity have embraced the growing integration of network communications and business operations, and have encouraged employees to take advantage of technology such as wireless devices and public hotspots. Productivity is booming, but network-based collaboration introduces corporate data into a broader environment that is more vulnerable and difficult to protect.

In addition to having more data at risk, businesses today suffer greater consequences if that data is lost or compromised. The loss of intellectual property, such as proprietary product blueprints, financial data, and merger and acquisition plans, can damage a company's reputation, undermine its brand, or jeopardise its competitive edge. Breaches of regulatory requirements for handling sensitive customer data can reduce customer confidence and lead to fines. User education in the form of security awareness training helps mitigate threats. But enterprises can't assume employees will always make the correct choice about which websites to trust.

What have been the most significant vendor and manufacturer developments and milestones this year in fighting cybercrime and threats to enterprise networks?

We live in a connected world with complex security challenges.  New technologies for collaboration and communication are being adopted by businesses and enabling tremendous gains in productivity and flexibility, empowering new customer facing applications based on Web 2.0, Web Services and SOA, and allowing users to work from anywhere, anytime.

The threat environment has evolved significantly in recent years.  The perimeter has begun to erode as more and more applications open up a direct path to users and the external world.  SPAM, malware and other attacks now target the user and their behaviour, allowing them to often succeed despite the reinforced perimeter and deployment of network security technologies.  

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code