Cyber crime, aka e-Crime, presents a highly complex and sophisticated threat that has been evolving rapidly recently. The unfolding legitimate cyber world makes for a hunting ground for unlawful commerce in contraband software and services. The black cyber market has made criminal devices so accessible and low cost, the result has been their exponential rise in both sheer activity and expertise.
One security department seems to be dedicated to addressing this development. Employees at RSA, a division within EMC, recently toldthat effective cyber security entails protecting all sectors, meaning safeguarding institutions, commercial enterprises and private users. This effort consists of two stages or levels. The first stage comprises of education and expanding awareness to the cyber threat, it scope and feasibility, and its potential consequences. The second stage addresses intelligence: information sharing between all involved parties.
Regulation and legislation do not constitute a prerequisite for everyone to be on the same page. They do not necessarily facilitate security standardization. Rather than enacting laws, parties should be aware that dynamic security technologies provide an excellent solution. In fact, they force all sectors to come together and cooperate, as well as hold ongoing, consistent threat analysis. It is this activity that allows for flexibility and addressing the ever changing threats.
RSA experts note that in view of the dramatic increase in the incidence of cyber attacks on the one hand, and the rapidly changing types of threats on the other, it is clear that organization will become caught up in a ’cat and mouse game’ of cause and effect: monitoring vulnerabilities and addressing them until the next round, and so on. In such a state. The veteran dogma, of relying on fixed, uncoordinated defense lines, is simply no longer sufficient. In this day and age, solutions such as various types of anti-virus and firewalls will not do.
Cyber security should be flexible, easily modifiable and adaptable to ever changing threats, and based on contextual paradigms which make use of the best and most innovative technology available. The latter takes the form of cloud computing and Big Data Analytics, which are designed to address the ever increasing demand and specifications on the part of private, commercial, institutional and organizational users. This is all the more so when it comes to infrastructure and to end points: smartphones, social media, data and information sharing and so on.
EMC is a global giant provider of technology and infrastructure to the IT sector as a whole. RSA, the company’s cyber security division, has featured tailored products such as RSA Web Threat Detection. This software, and others like it, are designed to gather huge volumes of data and, derived from internet traffic, and analyze them in real time. This type of software is used to provide real time intelligence and analysis vis-à-vis the organizational user who is working within the organizational website. The system is capable of monitoring anomalies and detect them, thereby enabling near real rime response and threat foiling even before it unfolds or becomes significant.
Detecting various threats: these a hacker’s include hostile takeover of one’s account, DDoS (Distributed Denial of Service) attacks, credit card fraud, cyber robots and other such automated means. In order to monitor and detect them all, the system creates a user profile and adjusts it as it evolves. The system then compares this profile to that of a “normal” user. This characterization is based on an average of users who are in the system or the site at the same time. RSA’s rules engine enables various responses to various levels of threat. Users’ patterns can also be compared to past sessions. For instance, the same person would not enter their own account twice within 15 minutes, once first from the US and then from Australia.
Fuente e imagen: i-hls.com