Here’s how you can manage cybersecurity with efficiency, without compromise

Coming off the back of a host of data breaches over the last two years, the importance of investing in cyber security is more evident now than ever. Virtually no industry has been immune.

According to the Grant Thornton International Business Report (IBR) 2015, one in six businesses experienced a cyberattack in the past year, for an estimated total of US $315 billion in business revenue lost to cyberattacks globally over the 12 months. Asia Pacific businesses are pegged to have lost US $81 billion, while firms in the EU are estimated to have lost US $62 billion.

This puts cybersecurity as a high priority business risk, with the capability of impacting organizations at all levels. As a result, there needs to be a comprehensive strategy set in place by the business to prevent digital crime.

However, the addition of a security layer often means two things to organizations – an increase in costs and performance degradation.

The economics of cybersecurity:


Managing risk is a complex task in today’s multifaceted business environment. Chief Security Officers often find themselves in a dilemma. On the one hand, their mandate is to provide secure systems across the board to enable organizations to stay ahead in the marketplace. On the other hand, there is immense pressure to reduce spend on resources as well as equipment. As PwC’s Global Economic Crime Survey (2014) found, while 48 percent of global respondents confirmed that their perception of cybercrime risk increased, the global Information Security budget actually decreased by 4 percent from 2013. This demonstrates that while threats have become more frequent, companies have not stepped up security infrastructure investments to keep pace.

Adding to this, just increasing security spend does not assure security. So the big question plaguing every company is how much is adequate security?

Increasing security impacts performance:

Research released by McAfee, part of Intel Security, suggests that many enterprises are unable to balance their need for high security with their quest for optimal network performance. As a result, they disable advanced firewall features to avoid network performance degradation – a dubious trade-off given the high risk companies face in today’s world. For instance, Deep Packet Inspection (DPI), which helps detect malicious activity before it reaches a network, is often turned off because it taxes the software. Anti-spam, anti-virus and VPN access are also among the security features disabled to increase performance levels.

The challenge is that, in some cases, achieving the desired level of security means the information the business needs to operate effectively and in a timely manner is so locked down that operations are either hampered or users circumvent the security measures in place in order to do their job.

The next generation of security:

Given the ever-evolving landscape of cyber threats, it is important that companies find the best possible way to bring in a security infrastructure that does not increase cost or compromise performance.

Fortunately, new high-speed networking, fast encryption, and innovative virtualization technologies are becoming available.

One way to improve security is to make it more fundamental to computing, putting it right into the silicon, where it is in effect more tamper-proof since security is built into the compute platform by default. For example, new innovations like “Silicon Secured Memory” protect regions of memory allocated to a given program. If a program tries to access a region of memory without having the required unique key, access is denied, and an alert can be sent to security monitoring software.

Such security, built in at the processor level, can block a widely exploited category of software bugs known as buffer overflows. This helps weed out rogue programs and attacks such as the Heartbleed SSL attack and the more recent Venom bug, both of which exploited this mechanism. It can also help spot potential buffer overflows and data corruption caused by inadvertent programming errors.
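The key check described above can be simulated in software to show what it catches. This is an added example, not code from the article or from Oracle; the 64-byte granule, the `kptr` type and the function names are assumptions made for the simulation, and the sample buffers are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GRANULE 64                    /* bytes covered by one key (simulation choice) */
#define NGRAN   4
static uint8_t  mem[GRANULE * NGRAN]; /* simulated memory */
static uint8_t  mem_key[NGRAN];       /* key held alongside each granule */
static unsigned alerts;               /* alerts raised to "monitoring" */

typedef struct { size_t off; uint8_t key; } kptr;  /* pointer that carries its key */

/* Hand out whole granules and stamp each with the allocation's key. */
kptr tag_alloc(size_t first, size_t n, uint8_t key) {
    for (size_t g = first; g < first + n; g++) mem_key[g] = key;
    return (kptr){ first * GRANULE, key };
}

/* Every granule touched must hold the pointer's key; otherwise deny and alert.
   Returns 0 if the access is allowed, -1 if it is denied. */
int check(kptr p, size_t idx, size_t len) {
    size_t start = p.off + idx, end = start + len;
    if (len == 0) return 0;
    if (end < start || end > sizeof mem) { alerts++; return -1; }
    for (size_t g = start / GRANULE; g <= (end - 1) / GRANULE; g++)
        if (mem_key[g] != p.key) { alerts++; return -1; }
    return 0;
}

/* Over-read bug: echoes `claimed` bytes and trusts the caller's length. */
long echo(kptr req, size_t claimed, uint8_t *out) {
    if (check(req, 0, claimed) != 0) return -1;   /* stands in for the hardware check */
    memcpy(out, mem + req.off, claimed);
    return (long)claimed;
}

unsigned alert_count(void) { return alerts; }

int main(void) {
    uint8_t out[GRANULE * 2] = {0};
    kptr req = tag_alloc(0, 1, 0x3);              /* constructed request buffer */
    kptr sec = tag_alloc(1, 1, 0x9);              /* adjacent buffer, different key */
    memcpy(mem + req.off, "ping", 4);
    memcpy(mem + sec.off, "PRIVATE-KEY", 11);     /* constructed secret */
    long honest = echo(req, 4, out);
    long inflated = echo(req, 80, out);           /* crosses into the neighbour */
    printf("echo(4)=%ld echo(80)=%ld alerts=%u\n", honest, inflated, alert_count());
    return 0;
}
```

In this simulation an over-read that stays inside the same 64-byte granule, or lands on a neighbour that happens to hold the same key, passes the check, so the key check complements length validation in the code rather than replacing it.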

And while replacing all the processors in a datacenter may not be realistic, if even a small portion of the servers in a cloud have this feature, the datacenter operator will quickly know that it is under attack.

In today’s day and age it is not merely a matter of whether a network could be compromised, but when. Therefore, not investing in security because of high costs or turning off security that has been paid for to increase performance levels cannot be considered solutions at all. With businesses the world over facing security threats, identifying effective ways to get ahead of cybercrime needs to be of utmost importance.


(The article has been authored by Rajiv Mittal – Head Systems, Oracle India)
