ISS reveals cyber attack trends

No doubt you are only too aware that the number of serious security incidents has been rising this year. In fact, they have increased by 13.7 per cent in the second quarter of 2003 from the first quarter, according to a July Internet Risk Impact Summary Report (IRIS) from Internet Security Systems, Inc. (ISS) of Atlanta, Ga.

ISS claims its IRIS is the only quarterly report to provide cyber attack trends based on factors such as the industry’s largest number of monitored security devices, actual attacks detected and researched vulnerabilities. It sees the increase in threats as overwhelming companies that cannot keep up with the demands of patching systems.

Patch management – keeping up to date with security patches in order to get in front of the curve of vulnerabilities and exploits – is the topic du jour with clients, reports Trevor McDermott, major account executive, Financial Institutions, ISS.

He says people understand that security is not a point solution that can be solved by one device. Rather, the goal is a dynamic threat protection environment and the approach is defence in depth.

McDermott says managing the risk that leads to consumer unease entails managing data integrity, visible disruption of service such as a trading floor halt, and vendor viability.

“With more and more remote connectivity through VPN or remote dial in, the protective shell or historical edge of the network has cauliflowered,” he adds. The result has been an increase and interest in personal firewall and intrusion detection systems being enforced and distributed to thousands of remote end points.

While ‘the bad guys’ never seem to be understaffed, security departments are not well staffed, he finds, so they need to leverage technology to gain time beyond the care and feeding of devices to actually turn data into information with which they can correlate vulnerabilities to attacks and understand what certain attacks mean in relation to security as a whole.

McDermott stresses that it is vital to get effective reporting and to be able to “translate metrics of concernables” in order to explain it to executives and vice-chairpersons.

Meanwhile, the challenge for vendors is to make an enterprise product line effective out of the box but easily tuned without a lot of management overhead, he concludes.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now