IT Security

Real risk is rise of targeted hacktivism

by Mark Rowe

Enterprises need to invest in technologies and procedures to be able to execute end-user ITOA (IT Operations Analytics) for security, to reinforce their existing security measures and immediately detect any abnormal activity, writes Poul Nielsen, pictured, of Nexthink. Hacktivism is a real and growing threat.

One of the major security concerns facing enterprises today is an ‘APT’ (Advanced Persistent Threat). Basically, these are targeted attacks (like the Shamoon malware attack in the Middle East), executed by a hacker or group of hackers who may be motivated not by financial gain but by political gain, known as ‘hacktivism’. Enterprises need to take measures to protect the weakest link in their IT infrastructure – the endpoints and end-user devices – to ensure that corporate security policies and standards are enforced.

Enterprises have already been investing in security technologies, antivirus software, training and awareness for end-users. However, enterprises can strengthen the security measures in place with a solution that provides real-time ITOA (IT Operations Analytics), so that they can detect changes compared to normal activity patterns and be immediately alerted to threats, incidents and non-compliant end-users.

The real risk enterprises face is a combination of the increase of targeted hacktivism and the lack of technologies in place to detect it. Hacktivism originating from hackers motivated by a certain cause or ideal will always start by infecting end-users and their devices, as they are the easiest to target. Enterprises need to invest in technologies and procedures to be able to execute end-user ITOA for security, to be able to immediately detect any abnormal activity. Hacktivism is a major threat that tries to harm the reputation of enterprises, to make noise in the media and to make a political point. These types of malicious attacks always use APT methodology and target end-user devices, because today most enterprises have neither the technology nor the procedures in place to execute ITOA for security in real-time, all the time, to detect the deviations from normal activity on the end-user devices that hackers use in their attack.

Enterprises are realising they need to better understand the vulnerable points in their IT, to tighten security measures against the increasing numbers of aggressive targeted attacks. Sophisticated APT and malware attacks show that employee endpoints are the weakest link in the IT security chain and pose significant risks as the area where enterprises are most vulnerable.

Very large enterprises that are subject to APT and could be potential targets for motivated hackers must take the necessary measures to strengthen their IT security. Real-time ITOA for security will play a critical role in helping enterprises add an additional layer of security against threats to their infrastructure endpoints and end-users.

There are many technologies and solutions that can be integrated together to achieve better IT security for enterprises. A very important one is the ability to monitor and analyse the activities of all endpoints and end-users over the entire enterprise network. It is an illusion to think that enterprises can stop the initiation of a targeted attack. However, enterprises can strengthen their security through the ability to visualise their IT infrastructure and endpoints in real-time, and to process this information coming from multiple sources and technologies using ITOA. Being able to detect an attack at a very early stage enables enterprises to react and to stop the attack from spreading. Enterprises need to be proactive in detecting abnormal activities and enforce security compliance standards at all times, with real-time and accurate information at their fingertips.

Large enterprises definitely need to invest in solutions that can provide real-time visibility and ITOA of their entire infrastructure and endpoints. Large enterprises need a solution to strengthen their security from the head office to the remotest branch location, which can enable them to detect and remove malware infections without adversely impacting employee productivity and existing business processes.

About the writer

As Director of Strategy, Poul Nielsen has responsibility for corporate, partner and field marketing worldwide. His mission is to cultivate and communicate Nexthink’s brand equity and to lead marketing. Poul works with product marketing to align strategy and with sales for lead generation. Poul has over 20 years of executive management experience at TriActive, Altiris, Computing Edge, Computer Associates, and Digital, with a strong background in routes-to-market strategy for hyper-growth.


© 2024 Professional Security Magazine. All rights reserved.
