Time to take cybersecurity thinking beyond perimeter defence

02 Sept 2019

South African businesses are a prime target for the world’s unscrupulous cybercriminals, and it’s costing local companies crippling sums, with a single data breach having an average cost of R36.5 million in 2018 according to a new IBM Security study. This ever-climbing figure isn’t even factoring in damage to brand reputation. Part of the problem is that, when it comes to digital security, too much emphasis continues to be placed on perimeter protection, which should be only one aspect of a far more comprehensive cybersecurity strategy designed to combat multiple attack vectors.

An evolving threat landscape

Traditional perimeter defence for companies began and ended with a firewall standing guard between the company network and outside threats typically trying to gain access through public network channels. However, as the nature of business has changed in the Digital Age, the clearly defined business perimeters of the past – often associated with static, enclosed physical premises – have evolved as well. The workforce is increasingly mobile, accessing company data while out the office through a combination of cloud technology and mobile devices. Perimeters have fragmented and network endpoints proliferated.

At the same time, security threats have become increasingly complex. Perimeter defence using filters to prevent unauthorised network access and traffic entry is less effective against email-source attack vectors like malware, spam and legitimate-looking spear-phishing attempts. Ransomware can also enter a company’s network through an unknowing click on an email attachment or accessing a malicious website. The latter poses all manner of threats to company systems as they surreptitiously install or encourage the download of malware.

Outside the realm of digital technology, there’s also still the issue of negligent employees. Whether accidentally or deliberately, these workers can compromise their company’s sensitive information by essentially opening the door to cybercriminals via their access permissions to mission-critical systems. Along with direct financial losses from such a breach, there’s also the risk of significant fines as result of data protection legislation like the GDPR (General Data Protection Regulation) and upcoming POPIA (Protection of Personal Information Act).

Time to synchronise your network security

The big problem is that traditional perimeter security measures work best as a first line of defence but have limitations. These include the fact that, unless signatures are always up to date, the system may not detect a threat and that suspicious activity is harder to handle once it has breached the perimeter.

One strategy is to employ a number of security solutions to mitigate each of the different threat vectors. However, the use of disparate solutions can limit interoperability. Put more simply, getting different products to work together seamlessly – especially when they come from different providers – can be difficult.

A better option then is the use of one synchronised security solution. All-encompassing yet flexible, a unified threat management solution combines multiple security functions and adds greater sophistication and efficiency to network security. It does this by combining simultaneous threat discovery, threat analysis and time-saving automatic response. This proactivity is also applied across the company network, right through to mobile endpoints. For example, synchronised security may detect a compromised endpoint, the firewall will then limit the device’s access to rest of the network until such time as the endpoint software has returned the device to an acceptable state. This ensures that any malicious software on the compromised endpoint is not allowed to further propagate through the network and cause more damage.

SEACOM is introducing just such a smart product in the second quarter of 2019, joining the service provider’s other managed security solutions. It is designed for any-sized business, from SME through to large corporate, ensuring every organisation enjoys the peace of mind that comes from multi-layered protection more coordinated than the efforts of attackers.

Just as cyberthreats to business continue to evolve and become smarter, the same is required of your digital security strategy. Speak to a trusted all-in-one solutions provider like SEACOM to thoroughly safeguard your business and streamline the network security process.