Security on the rise


According to Matthew McGlashan, a security analyst with emergency response group AusCERT, a key factor in smaller companies now being more exposed is that security has yet to become part of the normal evolution of a business in the same way that, say, staffing naturally is.

"Many small businesses are at the stage where they need to expand their infrastructure, which presents new risks that many are not even aware of," McGlashan says."You’ll often find small businesses are much more focused on expanding their business in a business sense -- such as getting more staff -- than looking at their infrastructure issues."

There is nothing new or unusual about this, but as illegal online activity continues to rise and its perpetrators become cleverer, businesses at certain stages of development may find themselves in real trouble.

"The greatest difficulty is with companies that have expanded to the point of needing more IT support and actually being able to identify problems," McGlashan says.

Hackers and the like are also more motivated by financial rewards than they used to be, which has led to a surge in activities like ‘phishing’ to illegally obtain details such as banking account numbers.

"Security is a strange market," according to Andy Solterbeck, general manager of the security division of ASX-listed technology company Senetas and IT Security Forum board member.

"What usually happens in IT is that something comes along and a whole lot of point companies develop IP before a big company comes along and tries to develop the one over-arching solution," he explains."You can’t do this in the security market."

Well, not yet, and certainly not when it comes to larger companies in the finance industry.

Solterbeck says that the main concern at the big end of town is developing security strategies that are aligned with corporate compliance and other standards, but that this is not a simple task.

"The challenge for financial institutions is how to build a security environment that allows them to meet their security compliance obligations while trying to build best-of-breed solutions -- they are going to find this quite difficult."

David Stevens
SecureTel's Stevens: You get the trust by selling the client what it wants

There have been some startling examples recently of the sorts of threats facing larger organisations, not least of which are cybertracking devices that have been found on points of public and private communications infrastructure in the US.

These devices are capable of reading data directly from cables and can be bought on eBay for as little as US$1000.

"Suddenly the ability to encrypt at high speed with no latency has come to the fore pretty quickly," Solterbeck says.

But while the big private organisations have been the major targets of illegal online activity, other segments of society and the economy are finding that they too are being infiltrated, AusCERT’s McGlashan says.

For instance, it is expected that the expansion of online services throughout the public sector will present a whole swag of new IT security challenges for government departments as they struggle to manage and secure swelling amounts of sensitive data. 

"It [hacking] is not just happening to customers of banks; it is increasingly happening to customers of other industries," McGlashan says. And hackers are getting a lot smarter. "Organised crime has worked out 'Why bother attacking companies directly -- just work out their weak spots'."


How creative

According to Andrew Trickett, founder of IT security consultancy CyberInquest, there is a degree of complacency on the part of organisations that having a security product will keep them safe.

He says that proper security strategies should be built on the assumption that the ‘cleverest’ threats are likely to be the most creative.

Scott Frew
Firewall's Frew: Companies have been dropping firewalls in and walking away

"Some of the best hacks that have been done have exploited things that just weren’t considered beforehand."

One emerging area that organisations should consider, Trickett believes, is the security of VoIP calls. While he cautions against any ‘mass hysteria’, there are cases where large organisations especially should take care to ensure that calls cannot be intercepted within their own network architectures.

For instance, it is quite easy to intercept a VoIP call using only a simple packet-capture tool, providing the hacker is on the same LAN as the caller. This could present problems to organisations with thousands of staff making VoIP calls.

"It’s certainly very easy to intercept an unencrypted VoIP call by someone actually on the network, and then store and play back that call," Trickett says."In the same way that organisations should try and protect sensitive data or emails, they should also take steps to secure VoIP."

Internet Security Systems (ISS) Australia managing director, Kim Duffy, says that his company was one of the first in the intrusion detection game and is currently moving towards perfecting what it calls ‘The Universal Agent’, a solution for detecting vulnerabilities before the hackers do, so that threats may be more effectively pre-empted. "Before the Slammer worm appeared, we knew it as 'vulnerability x'," Duffy says.

In common with most of its peers, ISS also sees the channel as an essential component in the marketing of IT security solutions.

"They represent one of the fastest growing areas of the market therefore we want to be involved -- we have found that the knowledge within the channel has been increasing very rapidly."
