ISS reveals cyber attack trends

No doubt you are only too aware that the number of serious security incidents has been rising this year. In fact, they have increased by 13.7 per cent in the second quarter of 2003 from the first quarter, according to a July Internet Risk Impact Summary Report (IRIS) from Internet Security Systems, Inc. (ISS) of Atlanta, Ga.

ISS claims its IRIS is the only quarterly report to provide cyber attack trends based on factors such as the industry’s largest number of monitored security devices, actual attacks detected and researched vulnerabilities. It sees the increase in threats as overwhelming companies that cannot keep up with the demands of patching systems.

Patch management – keeping up to date with security patches in order to get in front of the curve of vulnerabilities and exploits – is the topic du jour with clients, reports Trevor McDermott, major account executive, Financial Institutions, ISS.

He says people understand that security is not a point solution that can be solved by one device. Rather, the goal is a dynamic threat protection environment and the approach is defence in depth.

McDermott says managing the risk that leads to consumer unease entails managing data integrity, visible disruption of service such as a trading floor halt, and vendor viability.

“With more and more remote connectivity through VPN or remote dial in, the protective shell or historical edge of the network has cauliflowered,” he adds. The result has been an increase and interest in personal firewall and intrusion detection systems being enforced and distributed to thousands of remote end points.

While ‘the bad guys’ never seem to be understaffed, security departments are not well staffed, he finds, so they need to leverage technology to gain time beyond the care and feeding of devices to actually turn data into information with which they can correlate vulnerabilities to attacks and understand what certain attacks mean in relation to security as a whole.

McDermott stresses that it is vital to get effective reporting and to be able to “translate metrics of concernables” in order to explain it to executives and vice-chairpersons.

Meanwhile, the challenge for vendors is to make an enterprise product line effective out of the box but easily tuned without a lot of management overhead, he concludes.