Blended threats demand new security approac

From: http://www.computerweekly.com/Articles/2010/03/12/240595/Blended-threats-demand-new-security-approach-says-Websense.htm

Blended threats are the chief online security risk to enterprises and a new approach is needed to defend against these threats, says security firm Websense.

These attacks are difficult to detect and block using traditional approaches to security, said Devin Redmond, vice-president of product management at Websense.

"Cybercriminals are increasingly using a whole range of attack methods blended together to steal valuable corporate data," he said.

A typical attack may use a targeted, personalised e-mail from a known contact that contains an embedded link to a malicious website that installs an information-stealing Trojan that sends out information using an encrypted protocol.

"The only way for enterprises to defend against these kinds of attacks without disrupting the business is to inspect everything that goes in and out," said Redmond.

Blocking certain categories of e-mails or collaboration channels such as social networking sites and cloud-based services is not a viable option, he said.

Security professionals must find a way of enabling the business to use the growing number of electronic communication channels and cloud services, but in a secure way, said Redmond.

"The business will use these channels regardless, so IT security professionals need to get involved to ensure processes are put in place to guard against data leaks," he said.

According to Redmond, the attacks against Google and more than 20 other companies disclosed in December would have been prevented if comprehensive content filtering systems had been in place.

"By monitoring and analysing outgoing data as well as incoming data, organisations can more easily detect and stop data leaks," he said.

Improving data visibility to enable greater control was a key theme at the co-located Forrester EMEA 2010 Security Forum and Infrastructure & Operations Forum in London, said Redmond.