Attacks are becoming more sophisticated with each passing day
Geoff Haggart, VP, EMEA and APAC, Websense Inc. spoke
to Dominic K about various security trends and on the fact that security
policies will not help much unless backed by automated tools and solutions.
In the ever changing landscape of security what are the
areas of concern ?
Traditionally Websense has been involved with Web filtering
and helping our customers manage their core competencies. Our solutions help
organisations block access to bad sites such as gambling sites, and sites that
does not hold value based on the organisational policies and values.
These sites include from gambling and pornographic sites and also stock trading
and online shopping portals. We have also observed that due to broadband connectivity
individuals at various organisations irrespective of their vertical tend to
use the facilities for personal use. Our focus is solely on managing Web-based
threats and increase productivity and in turn also enhances corporate security.
What are the various trends and patterns you observe in
The trend is that the attacks are becoming more and more sophisticated with
each passing day. The days are gone when individuals receive viruses over e-mail.
When was the last time you got an e-mail with an I love you type
of virus? The current trend is of Phishing or for that matter automated Phishing
more commonly known as Pharming. The only objective of such a attack is to lure
you into committing some kind of error, which might result in the leakage of
your personal information.
Today malware such as spyware and Trojans along with keyloggers can be blended
into one threat vector. The current trend as mentioned earlier is becoming more
sophisticated and blended.
What are the various threats that will be felt in 2007?
In 2006, cybercrime and the evolution of new cyber-criminals increased. 2007,
Websense expects underground cybercrime to become more organised and run a better
economy. As part of that growing economy, the market for zero-day attack code
will be more competitive. This will result in an increase in the number of zero-day
attacks and better attacks on both the client and server-side.
In 2007 organised criminals will join forces with the hacker community to form
a more organised cybercrime economy, which buys, sells and trades hot commodities
such as ready made cyber-attack toolkits and exploits utilising zero-day vulnerabilities.
We also feel that Web 2.0 security issues will escalate as these technologies
are being rolled out en masse with security as an afterthought. It is important
for organisations to have preventive measures in place to protect themselves
from the next wave of increasingly covert and targeted attacks.
The BOT evolution will continue and evolve again with countermeasures.
Distributed command-and-control and the use of other protocols other than Internet
Relay Chat (IRC) or HTTP will be used to control BOT networks. Increased use
of encryption and custom packing of BOTs will also occur.
CERT in Australia has revealed that about 70 percent of malicious code will
get past anti-virus software today because it just wont be noticed and
also because most solutions are not equipped to check the malicious contents
Like anti-virus we do not fix the problem but discover the problem and block
it so that it does not become a problem for a customers daily business
Tell us about the PortAuthority Technologies acquisition.
acquired PortAuthority Technologies last year for approximately $90 million.
The combination of PortAuthoritys information leak prevention technology
and Websenses ThreatSeeker malicious content identification and categorisation
technology should help us strengthen our stand on content security platform.
The result will be a new best-of-breed security software company with the capabilities
to help organisations across verticals to prevent unauthorised use or disclosure
of confidential data while simultaneously protecting users and data from external
malicious threat or attacks.
Through an existing OEM technology alliance established in September of this
year, Websense has been working with PortAuthority to enhance Websense Deep
Content Control technology to deliver comprehensive security solutions that
protect users and data from internal and external threats, both known and emerging.
With knowledge of Internet destinations, protocols and applications, along with
detailed fingerprints of internal data, Deep Content Control technology can
help protect information flowing through the network, including outbound, internal
and Web-based e-mail, Web postings, instant messaging, file transfers and network
Additionally, both technologies will use an integrated policy engine to give
organisations the unique ability to manage and protect information by individual
user rather than by device.
What suggestions would you like to give to organisations?
I feel that having a corporate IT policy and telling people about it is absolutely
useless. You also need to have something that automatically monitors and administers.
This is beacuse people dont know the seriousness of some of the Web sites
that they surf or the attachments they may download or for that matter click
on the link mentioned to them to execute certain updates. To my mind i feel
that the processes should be automated as far as possible.
How did you do in India in 2006?
We continue to see India as one of our high growth markets and also one the
the biggest growth markets for us. We have eight people on our Indian team and
look forward to expanding based on business need.