In terms of risks and the likelihood of an attack, Romania does not make an exception, even though its Gross Domestic Product which is lower than the European average positions us, apparently, as a secondary target. This was the conclusion reached by more than 50 professionals in the field of cyber security who participated on 3 December 2015 at an event organized by Datanet Systems, Cisco and Ziarul Financiar.
The event had two major components: the analysis of trends in global and local cyber security, presented by the representatives of CERT-RO and Cisco, as well as the presentation of a next-generation security architecture, exemplified in concrete terms by Datanet Systems professionals.
The security incident statistics, made public by CERT-RO, shows that Romania’s situation is similar with the global one. With 2.4 million IPs involved in security incidents, more than 10,000 .ro domains compromised in 2014, a substantial increase in APT (Advanced Persistent Treat) type complex incidents and, not least, a large number of alerts issued for IOT type devices, the situation makes the whole community in charge of computer security think. Even if the country’s profile is more of a “proxy” used to amplify and multiply attacks and less as a final target, there is still a clear increase in attacks against financial institutions and organizations, which aim to collect credentials.
Augustin Jianu, General Manager of CERT-RO, believes that “in terms of risk, Romania is on the same level as any other developed market, and companies must be on high alert. Vulnerabilities are global and it is hard to say whether the attackers are less interested in Romania due to the fact that we are a country with a lower GDP. No one is safe, at a cyber-level. We live in an era similar to the Wild West and it is up to all the market’s actors to protect themselves, even if there are joint efforts at strategic and legal level.”
In this context, Cisco maintains a comprehensive monitoring and alerting system that analyses every day billions of code lines and seeks solutions to limit the time between the identification of a vulnerability and finding a solution. Cisco Studies show that “68% of the data are stolen in the early hours of the attack, and 54% of attacks remain undetected for several months,” a reality that most companies are not prepared to face. Moreover, the representative of Cisco, Gaweł Mikolajczyk, Info Security Investigation Manager, estimates that the Cyber Crime market is about ten times higher in value than the security solutions market and therefore the groups of hackers are well motivated and have huge financial resources available. Cybercrime, from Cisco’s point of view, is a very dynamic process, and to control it, attention, permanent adjustment and collaboration between the various public and private organizations acting on the market are needed.
The discussions were led on a clear path by Cristian Matei and Alexandru Nacea, solutions architects for information security within Datanet Systems that have made the transition from trends and challenges to solutions.
The Datanet team pointed out that there is a need of change in approach, meaning that the attention must shift from products to architecture, because this is the only way companies can have an overview of the situation. Moving from the simple purchase of security solutions to implementing advanced strategies, developed based on risk analysis, however, is difficult without qualified resources which are hard to find and preserve internally.
The security architecture promoted by Datanet integrates:
– Enterprise Mobility Management platforms that centrally manage and secure mobile users within organizations;
– Solutions such as Advanced Malware Protection and Next-Generation Intrusion Prevention System, which increase the rate of detection of potential risk factors and block threats at an early stage;
– Information Security and Event Management Systems, which correlate information and undertake contextual analysis of risk factors, extend visibility and control over the entire infrastructure and automate the application process of security policies.
Datanet representatives presented and illustrated how the new Cisco technologies transform the network in a latest generation firewall that provides protection in all phases of a cyber-attack: before, during and after a security incident. Another technology detailed during the presentation was Cisco pxGrid, a platform that simplifies the integration and collaboration of security solutions from different vendors, so they can be used to build a unified architecture.
“Datanet has a complete portfolio of next generation security solutions, pretested, from major players in the global IT market. Our main competitive advantage is the fact that we can capitalise this portfolio in the benefit of the customer using the skills and experience that we have gained in various implementation scenarios”, concluded Cristian Matei, Datanet Systems specialist at the end of the event.