Traditional IT security measures failing

Tradition security defenses are not working against a new breed of cyber attacks, which have increased 6.5 times since 2006. FireEye's Rob Rachwald, senior director of research, said that the new breed of attacks is evading signature-based defenses.
Speaking at the RSA Conference in Singapore yesterday, Rachwald noted that the increasing use of pattern matching also is not effective against new threats.
"A lot of our traditional defenses are not working. It's time to rebalance our security spending." He said over the last ten years spending on IT security has more than doubled to some $30 billion, but the problem is only getting worse.
HP's Dan Lamorena said just 3% of IT budgets are spent on security, and of that 85% is spent trying to block attacks. "A hacker only needs to get through once in 10,000 tries to be effective," which is why it's a poor strategy.
Lamorena, also a speaker yesterday, said taking control of security is mainly a budget issue and most companies aren't nimble in their approach.
He explained that there is an efficient and effective black market for selling data, such as top executive profiles, to potential hackers and attackers. This info is auctioned off to the highest bidder. The next level of attackers then work to gain an access point into firms, then in turn sell that to the highest bidder. The chain can move from mere profile data to secure passwords to financial fraud.
"They are sharing Intelligence about us, so why aren't we sharing our intelligence about them?"
He emphasized the need for security professional to start having conversation and working together on more effective strategies that can protect our key assets.
Rachwald noted that there is no global governance or global law covering cyber crime.
Key data points from Rachwald:
  • Spear phishing has jumped fourfold
  • Antivirus only stops 5% of malware that is unknown
  • 60,000 new pieces of malware are detected every day
  • 9,000 malicious websites are identified per day
  • 94% of all countries host malware servers
  • There are attacks from 184 counties (out of a UN count of 196)
  • 95% of companies are impacted
Noteworthy stats from Lamorena:
  • 84% of breaches occur at the application layer
  • Mobile applications vulnerabilities have increased 68% since 2011
  • 94% of breaches are reported by a third party and take 416 days to detect
Since 2010 the time to resolve has increased 62%