Emerging trends grab attention of IT security analysts
Emerging trends grab attention of IT security analysts
South Africa is the most targeted country in terms of DDoS (Denial-of-service) attacks and Swaziland has started to appear on security radars of analysts focused on outbound malicious traffic activity. Additionally, Kenya, Uganda, Algeria and Nigeria are being actively targeted with DDoS attacks.
These are several takeaways from a presentation by Vernon Fryer, chief technology security officer at Vodacom, who was speaking at the 10th annual ITWeb Security Summit in Johannesburg.
"We need to start rethinking about what we do with the massive amounts of data," said Fryer, adding that that a overview of 640 000 smart devices in South Africa alone highlighted the volume of malware on android devices and the level of communication taking place between smart devices via backend applications, unbeknown to users.
Another message to delegates was that perimeter security is dead and has been for some time. Despite the call from IT experts, the message is only now beginning to take root.
This is because antivirus companies "rubbed the name of their products off" and positioned their existing offerings as endpoint security solutions, said Patrick Gray, host of the podcast Risky Business (Risky.Biz)
Gray referred to several global IT security incidents, including the cyber security breach of Sony's systems, to make a point that in today's security space, perpetrators can select operational sophistication or technical sophistication to realise their objectives.
He also said that a worrying trend today is that non-governmental movements are getting more involved and there is a real risk of attacks on critical operational infrastructure.
Despite the evolving threats and that, generally, there is little attention being paid to intrusion detection systems, Gray also said that there is "some pretty decent endpoint security software hitting the market" that is designed to prevent total data loss and significantly limit the amount of time an intruder has in a system.