VENTURES AFRICA – A recent study revealed that 36 percent of Canadian businesses have in one way or the other been hit by Cyber Attacks. Similarly, in December of last year, US-based retailer Target Corp was hit with a catastrophic episode where 40 million payment card numbers were stolen. This trend is rapidly trickling down to the African continent, as Cyber Attacks is increasing becoming a major challenge to most companies.
According to Anton Jacobsz, Managing director of Networks Unlimited, distributors of Fortinet Network Security, many companies are aware of the various potential threats to important data but do not have the proper knowledge and facilities to counter such threats.
In an interview with Ventures Africa, Jonas Thulin, the spokesperson for Fortinet, a world leader in high performance network security, talks about companies that are prone to various attacks, the signs companies should watch out for, measures to prevent such and solutions available for proper combact.
Venture Africa (VA): What are the signs companies should watch out for in order to know if they are being attacked?
Jonas Thuli (JT):The control that a company implements to protect them from attacks needs to be continually monitored. Attacks will be detected and reported on by the implemented protection layered. But if no one is notified and takes actions, then attacks can escalate and potentially eventually succeed. Attackers can be very persistent and will keep on trying until a weakness in a company's defence is detected.
VA: What is your take on the announcement made by Microsoft regarding the withdrawal of support for Windows XP?
JT:Microsoft has a clear support lifecycle policy providing consistent and predictable guidelines for product support availability when a product releases and throughout that product's life. Windows XP was introduced in 2001, mainstream support ended in 2009, and extended support ended in 2014. That's 13 year of supporting a software product, very impressive. Most software vendors will offer n-1 support.
VA: How has PCI DSS security standards helped organisations that handle cardholder’s information?
JT: PCI-DSS provides a clear and measurable standard for what security controls are required to protect card holder data. This is a great tool for organization to ensure they implement the appropriate controls.
VA: Does this standard apply to mobile payment services?
JT: PCI-DSS apply to any system that handles creditcard card holder data, including any mobile payment service relying on credit cards.
VA: Which organisations are prone to the various attacks?
JT: All organizations are a potential target for an attack. Majority of all attacks today are initiated with criminal intent. If an organization has assets of value assessable via the internet, measures need to be considered to provide protection of those assets. Always seeks out advice from a reputable security provider or vendor.
VA: What measures should companies in Africa take to prevent such attacks?
JT: With all of the Data Breaches from Advanced Malware making the news, addressing sophisticated threats is top of mind for most executives. While "Sandboxes" are all the rage these days, they are only one part of a coordinated security effort to combat increasingly sophisticated attacks. Specifically, Fortinet recommends that enterprises focus on five fundamental areas of an Advanced Threat Protection Framework- Access Control, Threat Prevention, Threat Detection, Incident Response and Continuous Monitoring- rather than expecting any one new product to solve the problem.
VA: What types of solutions are available to combat specific attacks?
JT: Securing an enterprise is challenging due to the wide range of business functions that you need to protect. Remote employees, distributed locations, and corporate data centers have distinct security and access requirements that transcend any single security product. Defending an enterprise requires an ecosystem of security products that integrate and operate together to secure and connect your distributed enterprise.
Fortinet's industry-leading, high capacity Firewall technologies deliver exceptional throughput and ultra-low latency, enabling the security, flexibility, scalability and manageability you demand in an edge or core platform. FortiGate appliances and chassis-based devices combine a high-performance Firewall with the flexibility to enable fully integrated personalities (such as VPN, Intrusion Prevention, or Application Control) that provide extensive protection profiles for in-depth defense. Fortinet built the FortiGate line of Network Security Platforms, and the accompanying management and reporting tools, to exceed the performance and security requirements of even the most demanding data center environments.