People power: Turn staff into your greatest security defence

Security statistics are real and scary, but educating your staff can make all the difference

This past week I found myself drinking beer around a swimming pool in Monte Carlo while talking about Mr Robot with a Johnny Depp lookalike - such is the life of an IT security journalist.

It's not quite as glamorous as the location suggests, of course, as I was there to attend the Fortinet 361 security forum, rather than try to break the bank at the casino or race around the Circuit de Monaco. 


Johnny was actually Guillaume Lovet, senior manager of threat research at Fortinet (one of the global big three names in enterprise network security) and Mr Robot is a TV series about a security researcher turned hacker that has just finished in the US.

In contrast, Guillaume was once a hacker (doing penetration testing) and is now a security researcher. As someone who took a similar unconventional route into my current profession, it is perhaps unsurprising we found ourselves agreeing on many things when it comes to cybercrime: everyone is a target, the only effective defence is a layered one, and good governance, rather than law, is imperative if the fight is ever to be won.

While some of the 361 forum output was a little too product and marketing driven for me, a number of interesting things fell out of the event, and none more so than a single slide during a presentation entitled 'The FortiGuard Minute'.


Threat research and response group FortiGuard is, for me, the beating heart of Fortinet, where threat intelligence moves out of the lab and into the enterprise. This is the stuff that turns me on, and sadly that includes statistical information. That PowerPoint slide contained FortiGuard's attack data gathered within a single minute sometime in the second quarter of 2015.

In that 60 seconds, 21,000 spam emails were intercepted and 390,000 network intrusion attempts were prevented. Alongside these, nearly half a million (460,000) malware programs were neutralised and 50,000 botnet Command and Control attempts (used in DDoS attacks) stopped. Ramp things up to a weekly view and you see some 8,000 hours of global threat research undertaken, leading to some 1.8 million new or updated AV definitions.

'So what?' you may ask. Here's the thing, though: security intelligence (and that is what all these statistics boil down to) is integral to securing your network and, ultimately, your data. While media-friendly soundbite stats won't stop the bad guys, the intelligence behind those stats certainly helps in putting together the processes, policies and tools that will.


Where stats do come into play is when we start talking about education and awareness. These topics came up a lot at Fortinet 361, most often just after a PowerPoint slide with the words 'Social Engineering' written upon it. That's hardly surprising given that people remain the weakest link in your organisation and usually represent the easiest route to unauthorised entry into your network.

But people are also your biggest strength, and people power can thwart most common exploits if they become aware of these threats through the right education and training.

The key to that awareness is the intelligence used within your training programmes, which has to be both properly evaluated and actionable. This is where statistics such as these are worth their weight in Monte Carlo casino gold to help understand these threats.


Gemalto's Breach Level Index

So I guess you'll be wanting some more stats then? Good, because as I was flying back from the Côte d'Azur, Gemalto was publishing the latest edition of the Breach Level Index, which covers the first six months of 2015. I used to edit the in-house magazine for Gemalto, the world's largest manufacturer of SIM cards and, like Fortinet, something of a digital security Goliath, and am only too aware of the importance of rock-solid research that comes out of the company.


It came as no surprise, therefore, to find myself both nodding sagely and sobbing into my lukewarm coffee as I flicked through the figures at 20,000 feet. Gemalto's numbers revealed 246 million records compromised across 888 data breaches, which is both good and bad news.

The bad being that breaches were up by 10 per cent on the first half of last year, but tempered by the good news that the number of compromised records was down by 41 per cent on the same period.

Don't get too comfortable with these statistics, though. They don't necessarily mean that mega breaches are a thing of the past (the BLI report for the last six months of the year will most likely reflect that). This can be seen in the Anthem Insurance attack, which represented 32 per cent of the total data loss by exposing 78 million records in just one attack, or the OPM attack, which exposed a further 50 million.


Although I wouldn't normally put too much emphasis on attack size (how big is far less important in the security scheme of things than simply 'how' after all) it's interesting to note that the top 10 breaches accounted for more than 80 per cent of all compromised records across the six-month period.

Where size does matter is for the bad guys, as Jason Hart, VP and CTO for data protection at Gemalto, confirms when he says "what we're continuing to see is a large ROI for hackers with sophisticated attacks that expose massive amounts of data records".

Those bad guys aren't who you might think they are, either. According to Gemalto, just two per cent of the breaches, categorised by attacker type, exposed 41 per cent of all the compromised records.

So what was behind that crazily successful hit rate statistic? State-sponsored attacks. This is worrying, and caution must be exercised before jumping to conclusions as accurate attribution in state-sponsored attacks is notoriously difficult.

Gemalto pointed out none of the top 10 breaches from the first half of 2014 were state-sponsored at all. How apt that I started off all James Bond in Monaco, and finish the same way back at Leeds Bradford Airport.
