Magazine Article | January 1, 2006

Assessing Network Threats

Source: Innovative Retail Technologies
Integrated Solutions For Retailers, January 2006

Threats abound on the Internet and grow at a geometric rate. According to many analysts, 2005 saw a 50% jump in the total number of Internet threats. Worse yet, the complexity and sophistication of each threat climbs as new exploits are born through failed security patches, reducing the ability to react quickly and contain the threat. Opening up your network and turning on the always-on enterprise opens the door to many breaches that affect not only your data and store productivity, but also your ability to comply with the growing number of regulations and laws associated with the protection of data.

The Increasing Network Threat
Threats can be broken down into several categories. The most widely known is the virus. Viruses, like their biological cousins, morph constantly, making them adaptive and often immune to new security patches. Equally threatening are the other types of malware being created by blackhat hackers, with spyware among the most damaging. Spyware gains private information by placing stealth software on desktops or servers to watch for and gather specific information. The definition of malware and its various forms is tricky at best, as evidenced by the recent splash caused by Sony and its “protection” of media that was classified as spyware, prompting industry giants such as Microsoft to take immediate action to remove Sony code.

Denial-of-service (DoS) attacks are another Internet threat. These involve the creation of legions of zombie computers to attack specific targets such as Web sites, firewalls, or specific IP addresses, rendering them useless. DoS attacks gained notoriety by taking down the Amazon.com Web site a few years back. These attacks have become sophisticated, with hundreds or thousands of attack sources that can’t be easily identified, all focused on a single malicious purpose. Traditional firewalls do not stop these attacks, nor does antivirus software. Intrusion prevention systems are the first line of defense to mitigate these attacks.

Spam not only consumes a vast amount of computing and IT resources, it is also being used as a delivery mechanism for malware, viruses, and phishing attacks. Browsing the wrong Web site can invite the same host of threats.

Managing The Threat
The first step to managing network threats is to allocate a portion of your IT budget to compliance and security. Surveys are now showing that the biggest spending priorities for CIOs in 2006 are compliance and security. In a recent survey by security analyst Nemertes, 60% of the senior IT people surveyed said compliance was the category getting their spending and management attention. But security is not absolute, so best practices call for a dynamic, layered approach that involves:
  • Identification and classification of mission-critical data, intellectual property, and applications
  • A programmatic approach of technology and process to ensure continuity of items identified above
  • A training and awareness program covering the risks to your organization
  • An auditing/reporting capability that supports compliance with externally imposed security requirements such as PCI
  • A remediation program for identified shortcomings.

While these threats seem daunting to tackle with limited resources, the security industry is increasingly able to manage them and ensure compliance with the regulatory environment. Increasingly, security companies are providing these capabilities as a managed service, essentially creating a turnkey secure environment to lock down your network and provide you with reports on threats and mitigation of attacks. This in turn can be used as strong fodder for the legions of auditors ensuring conformity to the laws of compliance.