U.S. insurer Anthem Inc last week said hackers may have made off
with some 80 million personal health records. Also, Amy Pascal said
she would step down as co-chairman of Sony Pictures Entertainment,
two months after hackers raided the company's computers and released
torrents of damaging emails and employee data.
Such breaches, say people in the industry, offer a chance for
younger, nimbler companies trying to sell customers new techniques
to protect data and outwit attackers. These range from disguising
valuable data and diverting attackers up blind alleys to figuring out
how to mitigate breaches once the data has already gone.
"Suddenly, the music has completely changed," said Udi Mokady,
founder of U.S.-based CyberArk. "It's not just Sony, it's a
culmination of things that has turned our industry around."
Worldwide spending on IT security was about $70 billion last year,
estimates Gartner. ABI Research reckons cybersecurity spending on
critical infrastructure alone, such as banks, energy and defense,
will reach $109 billion by 2020.
Several things are transforming the landscape. Corporations have
been forced to allow employees to use their own mobile phones and
tablets for work, and let them access web-based services like
Facebook and Gmail from office computers. All this offers attackers
extra opportunities to gain access to their networks.
And the attackers and their methods have changed.
Cyber criminals and spies are being overshadowed by politically or
religiously motivated activists, says Bryan Sartin, who leads a team
of researchers and investigators at Verizon Enterprise Solutions,
part of Verizon Communications. "They want to hurt the victim, and
they have hundreds of ways of doing it," he said in a phone
interview.
CLOSING THE DOOR
The result: companies can no longer count on defending themselves
with decades-old tools like firewalls to block traffic and antivirus
software to catch malware, and then assume all traffic that does
make it within the network is legitimate.
Research by IT security company FireEye last month, for example,
found that "attackers are bypassing conventional security
deployments almost at will." Across industries from legal to
healthcare it found nearly all systems had been breached.
"Once an attacker has made it past those defenses they're in the
gooey center, and getting around is relatively simple," said Ryan
Wager, director of product management at vArmour.
Attackers can lurk inside a network for half a year before being
detected. "That's like having a bad guy inside your house for six
months before you know about it," says Aamir Lakhani, security
strategist at Fortinet Inc, a network security company.
Security start-ups have developed different approaches based on the
assumption that hackers are already, or soon will be, inside the
network.
Canada-based Camouflage, for example, replaces confidential data in
files that don't need it, like training databases, with fictitious
but usable data. This makes attackers think they have stolen
something worthwhile. U.S.-based TrapX Security creates traps of
'fake computers' loaded with fake data to redirect and neutralize
attacks.
California-based vArmour tries to secure data centers by monitoring
and protecting individual parts of the network. In the Target Corp
breach during the 2013 holiday shopping season, for example,
attackers were able to penetrate 97 different parts of the company's
network by moving sideways through the organization, according to
vArmour’s Wager.
"You need to make sure that when you close the door, the criminal is
actually on the other side of the door," he said.
'THREAT INTELLIGENCE'
Funding these start-ups are U.S.- and Europe-based venture capital
firms which sense another industry ripe for disruption.
Google Ventures and others invested $22 million in ThreatStream in
December, while Bessemer Venture Partners last month invested $30
million in iSIGHT Partners. Both companies focus on so-called
'threat intelligence' - trying to understand what attackers are
doing, or plan to do.
Clients are starting to listen.
Veradocs' CEO and co-founder Ajay Arora says that while his product
is not officially live, his firm is already working with companies
ranging from hedge funds to media entertainment groups to encrypt
key documents and data.
UK-based Darktrace, which uses math and machine learning to spot
abnormalities in a network that might be an attack, has a customer
base that includes Virgin Trains, Norwegian shipping insurer DNK and
several telecoms companies.
But it's slow going. Despite being open for business since 2013,
it's only been in the past six months that interest has really
picked up, says Darktrace's director of technology Dave Palmer.
"The idea that indiscriminate hacking would target all organizations
is only starting to get into the consciousness."
(Editing by Ian Geoghegan)
[© 2015 Thomson Reuters. All rights reserved.]