|
Despite the same old budgets and resources, midsized companies have to contend with new and more complex security attacks. Here's how a few are rising to the challenge.
Microsoft discovers a vulnerability in its domain name server but says it may take weeks to deliver a patch, and the W32/Delbot-AI worm promptly launches attacks using that flaw. Two research houses predict that pinpointed attacks on select companies will soon replace broadly targeted worms as the greatest threat to corporate computer security. At a Usenix conference, experts warn that botnets -- which use a collection of compromised computers to steal financial data or send spam -- are getting increasingly complex and more capable of taking over more computers and accessing important data.
That was just some of the bad security news that came out in a single week this spring. While information security teams still struggle to plug new holes in technology and avoid broadly targeted viruses, they have to keep an eye on the threat of a carefully architected and targeted multi-vector attack.
Information security managers know that teams of hackers are working around the clock to craft multi-vector attacks, pairing the best and brightest of the bad guys. These attacks probe a company's network simultaneously in several ways -- leveraging spam, searching for gaps in firewall coverage -- thus giving hackers a better chance to find a hole in a company's security. Multi-vector attacks clearly raise new challenges for midmarket companies strapped with the same limited resources. Yet smart CIOs are turning the tables and adopting a multifaceted approach to defense that employs several security technologies as well as tools from outside the security realm.
|
