Juniper Networks released extensive research into the attitudes of individuals representing businesses towards information security, threats, perceived risk and the understanding behind the motivation of the human beings responsible for security breaches. Here, Michael Callahan talks us through the research and outlines what conclusions can be drawn from the results and how to implement these into security solutions.
Tell us more about the research you are unveiling at Infosecurity Europe 2013?
We started asking customers what did they think about security do you have any breaches and what solutions do you have and were they working or not and what was interesting was that over 56% of customers said that the solutions they currently have are just not up to the task.
So talk us through some of the results of the survey, what were the threats you identified? Were you talking to individuals or were you talking to organisations?
We spoke to individuals but they represented organisations and they were of all sizes, small, medium and large. We asked them what their biggest threats were and it was interesting that for most of them there biggest threat was coming in off web applications even more interesting was that 32% of the responded said that they had had more than once breach in the last year which is incredible if you think about it so it is not that they had one they admit that they had one it was the 32% who had had more than once so that could have been 3,4,5 or whatever, which shows that the problem is not going away at all as the data would suggest that their current solutions are not getting the job done.
Are the frequency of threats perhaps increasing as well?
It could be the frequency of threats it could also be targeted threats so that when you see the success rate going up as it has it shows that people are being very sophisticated where they are not just going for a broad faced approach and they are being very targeted and very specific in what they are going after and why.
Did you find the businesses you have spoken too were taking security issues seriously before they were attacked or was it the attack that gave them the reason to go ahead with the security measures?
It is interesting what you are saying because everyone knows that there is an issue out there and there are security threats which really creates change when it happens to them so something bad happens to them and there are a few industries and organisations which need to be more proactive and I would say the government, the finance industry they are always trying to be proactive and make steps to ensure but then there are the companies to take the attitude that take the view that until something happens to them then when something does happen it is a lot of action really fast.
What were the risks that you identified, was it mainly theft of data or identities or what were the common risks?
It was a combination of things so there is IT being stolen, so if you happen to be in an industry where something is very attractive to someone then someone will try and go in try to steal the IT, maybe it's a pharmaceutical formula, maybe it is the plans for some sort of piece of equipment so you will see that. You will also see it internet connected and there was recently an attack on the bank of the west where $900,000 were stolen in just a couple of minutes so the threat has generally moved from fame which if you remember years and years ago it was just how quickly can I get someone an email attachment so that they get a mass mailer going and now it is very much some sort of tax issue or some sort of financial motivated or its socially motivated so it is something to make a point.
Of course one of the stories this year is the risks of threats towards mobile and mobile working organisations, what were your findings in that area?
It continues to be a bigger and bigger issue and we identified it as an industry a security industry years ago that the mobile threat was going to be a big problem. It is starting to become a real problem because mobiles are becoming mini computers where in the past what was on your phone was your contact book and very little data was stored on your phone so it wasn't that you had an earnings press release or a powerpoint that was your strategy on your phone. Some people made the most of the time if you did so that if you lost your phone or someone else took control of it you had a minimal risk now because more data and more information is being stored on your phone it is a much bigger risk and the fact that you can have the ability to have more data and more information stored on your phone it is a much bigger risk and the fact that you can have the ability to VPN in off these mobile devices now you can actually get access to the network now people are actually seeing that a mobile device is a legitimate real threat.
What is the attitude out there from organisations towards where the responsibility lies for dealing with threats?
I think the attitude is slowly changing I think in the past the end user felt a little responsibility and I think they just thought it's my device and I am going to figure out a way to connect to a network and you know see what comes. Now I think that they are seeing that by not taking some responsibility it is not only impacting on their organisation it's impacting on them personally so if something happens to their organisation it could affect their livelihood so I think it's this combination of people that are taking more responsibility from the service provider to the organisation to the individual.
Using the trends and patterns from the Juniper Networks survey and looking forward to the future how do you think things are going to change within security over the next couple of years?
The one thing that remains constant is the attacker so what we have seen over time is devices have changed the infrastructure has changed and how you push the information out to people. The threats have changed from mass mailers to the something injectors , and in those particular things remain pretty consistent are the threats but they have changed the thing that remains consistent is the attacker so the attacker is the key thing to focus on so we are making a lot of investment to identify the attacker knowing that the infrastructure is going to change and the end point is going to continue to become mobile and the threats are going to continue to be used and are going to continue to be used but the attacker continuing to be consistent if we can identify the attacker we will significantly be able to increase the security by knowing the attacker and blocking the attacker and I think we will be talking about the attacker for quite a while.
I find it easy to forget that behind most of these threats and attacks that there is a human being. How important is putting a profile together of that person in helping the industry deal with threats?
Absolutely that is exactly right and that is where we have invested a lot of time and a lot of effort in identifying that attacker and what is their approach and if we can identify them we can stop them. It doesn't mean there is some automated reconicence going on because there is. There are some technologies that hackers will us that will do some scanning and understand whose more vulnerable than us and that can be very automated but when they get to a specific attack because they going to either try to break into a bank to get money or try to steal IT or trying to steal or make some sort of social statement there is a real pattern that the attackers have and if we can identify them by their pattern we can then be more effective in blocking them and we are doing that with our product called webabsecure which integrates a spotlight which is a global tact intelligence agents.
Well of course 'Spotlight Secure' is your new product for this year. What was the gap in your offerings that led to the development of this product?
We found that was backed up by the study that more and more people were concerned about their web applications so we looked around for how do we address it and we found some real technology in a company called Micinos a company we acquired about a year almost a year and half ago. We brought them into the Juniper family to develop the product more and now have a product that is shipping product call webabsecure which uses intrusion awareness technology to trap and track hackers so as they are trying to manipulate a web application we start tracking them and we start laying little traps for them to walk into so we can identify them. Once we identify them we take that information and send it up to a global data base in the cloud of all of the attackers so that when that attacker decides to go to a new site we already know about him and if anyone is using Juniper security solution he will be blocked from attacking and the end will be in sight.