Winning the security game with intelligence

Asia Pacific’s inclination for the speed and efficiency in the Internet of Things (IoT) will drive the adoption of connected devices to five billion by 2020 at an estimated US$447 billion worth. As more industries become increasingly cognizant of the advantages a digital approach offers, new business models have introduced the state of always-on demand for application availability to meet personal and corporate needs.

F5 Networks’ research has found that on average, an organization uses 1,175 applications. For businesses, the wealth of data that follows is becoming incredibly taxing to manage. Studies have already shown that Asia Pacific is 80 percent more vulnerable to cyber security attacks than other parts of the world.

If business leaders were hoping for a respite in managing cybersecurity issues, the current climate shows that it’s an endeavor that requires urgent, comprehensive and ongoing attention. In the past two years, Asia Pacific has seen data breaches from the likes of Philippines’ Commission on Elections (COMELEC), in which the data of 55 million voters were compromised; India’s National Payment Corporation (NPCI) had 600 customers’ data attacked and the US$81 million heist at Bangladesh’s Central Bank. Even Singapore’s Ministry of Defence was not spared, as the personal data of 850 servicemen were stolen, but the intention was much more heinous. Official military secrets were targeted.

F5 Labs threat analysis report on IoT devices also found that China, South Korea and Vietnam led the way in hunting for vulnerable IoT devices. This is especially prevalent in China who is leading the way with a total of 52 percent of brute force scans—more than all the other top 19 countries combined.

As IT departments struggle to adapt amidst a risky and on-demand environment, there is a greater urgency to understand the nature of the new threats they face, reevaluate their security strategy and find the right resources and processes to ensure integrated, intrinsic protection.

Asia Pacific’s organizations increasingly require actionable, relevant and timely threat intelligence for them to live up to the app-etite for speed, agility and transformation, while maintaining a competitive advantage. Protecting customers and data in these markets now require deep insight into application traffic and user behavior, sophisticated threat intelligence and response strategies through three simple processes:

1. Clarity – Can’t protect what you don’t know. To “know,” you first have to be able to “see” into all your application traffic.

The advent of IoT devices opened up infinite possibilities and revolutionized operational processes. However, the catch is that its potential for vulnerability was unprecedented and the sheer variety of devices increases the likelihood of attacks exponentially. These devices—and the applications that run them—typically do not undergo vulnerability testing, nor have they been designed to enable secure remote management. This is the blind spot that needs to be covered on all fronts when it comes to application traffic.

1. Context – Seeing is meaningless without an understanding of all applications and the external factors that can affect your ability to secure them.

The number of devices are multiplying and so is the way users interact with them. This is evidenced by the high proportion (50 percent by 2020) of millennials entering the workforce and the prevalence of mobile connectivity giving rise to higher usage of apps. This new generation of workforce uses an app for nearly every task and every command, preferring the BYOD (bring your own device) model on-premises. This introduces an entire array of unsecured applications, vulnerable to new threats into secure perimeters, in the form of sophisticated attacks such as Mirai, the Hajime IoT worm, Geinimiand that are nearly impossible to detect all at once. These attacks can debilitate entire organizations through compromised devices by spreading ransomware, malware, and extracting sensitive data—all consequences that cost far more to remedy than to prevent.

1. Control – Without the ability to apply the right security control, it doesn’t matter how much visibility or context you have.

Most insights into visibility attribute security controls that offer visibility after-the-fact, where we are able to monitor what type of attack happened, when it happened, after it happened. By this point, the milk has already been spilled and the price still has to be paid. This points to the fact that visibility isn’t everything when trying to secure applications and perimeters, especially since attacks are increasing in sophistication – case in point, F5’s 2017 State of Application Delivery Report showed attack sophistication as the challenge of highest concern for respondents exceeding 50 percent in Asia Pacific.

Now or Never

Clearly, the digital economy is upon us and Asia Pacific’s businesses have to adapt to combat sophisticated attacks as well as adversaries. It is important to understand that adding context, clarity and control to existing architecture can be immensely rewarding. This does not mean we ought to compromise on security in favor of visibility for mitigation, but more importantly recognize the need to apply security controls in ways that enable visibility without hindering an application’s safety or its performance.

This article appeared on Security Asia on March 14th, 2017