Bernice Binet, F5 Brand Executive at South African based IT service management company EOH, analyses why organisations spend 90% of their security budget securing the perimeter of their systems when 77% of cyberattacks happen through apps.
Organisations locally and abroad do seem to be taking cybersecurity a lot more seriously. This is especially true in the aftermath of high-profile data breaches like the Liberty Life incident in June 2018, and in consideration of the stringent compliance requirements of Europe’s GDPR (General Data Protection Regulation) and South Africa’s upcoming POPIA (Protection of Personal Information Act). Gartner forecasts that worldwide information security spending will hit US$114 billion by the end of 2018, a leap of 12.4% from 2017, with a further 8.7% increase (to US$124bn) predicted for 2019.
The same report shows Application Security spend (US$2,7bn) continues to lag behind segments like Security Services (US$58,9bn), Infrastructure Protection (US$14bn), Network Security Equipment (US$12,4bn) and Identity Access Management (US$9,7bn) this year. Moving into 2019, and with financial year-end approaching, it’s advisable for the priority order to shift.
Rethinking cybersecurity for your company
For a long time, the argument was that cybersecurity starts and ends at the perimeter. However, with business’s migration to the cloud in recent years, and the trend towards mobile working and Bring Your Own Device policies, an organisation’s network is no longer as easily defined – and therefore straightforward to isolate from risk vectors – as before. Generally, cybersecurity has seen a shift to a more holistic, dynamic approach over the past two years, with solutions utilising cloud-based technologies such as Machine Learning to ensure prevention is paired with effective detection and response.
Still, even with these layers of protection in place, there is a crack for cybercriminals to worm their way through – easily breachable web-based applications. After all, in the digital era, many employees are accessing and working on cloud-based apps that exist far outside the protection of traditional company firewalls.
The issue is that secure web development is complex and expensive, taking place in an environment where 31 in 33 codebases have at least one high-severity vulnerability for hackers to exploit. Delivery pressures also mean that apps are often released without testing or comprehensive built-in security coverage. This allows cybercriminals to exploit zero-day vulnerabilities and use cross-site scripting and SQL injection to their advantage.
How great is the risk? F5 Labs’ A Decade of Data Breaches report, released in November 2017, revealed that web app attacks are the number one source of entry for successful data breaches, accounting for 53% of 433 cases studied.
WAFs as the solution
Given the prevalent use of apps and their vulnerability to tampering, businesses must make security investment in this area a priority. And a Web Application Firewall (WAF) is your fastest and most cost-effective solution, allowing legitimate users through while stopping attackers.
Although WAFs have existed for some time, the newer generation of these products are suitable for hybrid-cloud environments and is geared towards a risk landscape where manual and bot attacks are rife. Today’s WAFs have the smarts to not merely filter and protect against established attack vectors, but to also auto-detect abnormalities and non-human browsing patterns in a time of malicious bot proliferation. Safeguards against identity and credential theft are also a key component of WAFs as compromised user accounts often open the door to network breaches.
Additional benefits of WAFs are how well they help an organisation meet their compliance obligations, as well as reduce the burden of unwanted, unnecessary and costly traffic – courtesy of bots – on your cloud systems.
Set priorities and get help if necessary
The nature of business is changing as the cloud – and all the solutions ‘floating’ on it, from virtual servers to AI-driven data analytics – becomes an integral part of operations. Cybersecurity focus and spend similarly need to evolve, with continual reassessment, to better protect your business in a rapidly changing environment that demands innovative, evolution-minded on-premise and offsite protection.
At the most basic level, business security should begin with a clear internal policy that audits and tightens access permissions across an organisation’s systems. It’s also important to outline your industry and business-specific threat priorities right from the start to determine your digital security budget. Enlisting a solutions provider like Aptronics can help you through this process and settle on the most effective cybersecurity strategy.