Open Source: From Great Technology to Greater Intelligence

By Leon Ward, Product Manager, Advanced Malware Protection: Network, Cisco Security Group

The financial services industry has embraced the adoption and use of open source software and according to software and consulting firm Black Duck, up to 75% of the code supporting a UK investment bank’s trading application is commonly based on free and open-source software. Only 18% of the code is proprietary, it says. And analysts say that adoption in financial services is poised to increase further as cost pressures grow.

In turning to open source, the financial services sector is following a path trodden by other regulated industries – healthcare and government IT, for example – which are attracted to open software development models by promises of cost control and increased innovation.

The origins of Open Source can be traced back to the software developer community that evolved around the Artificial Intelligence Laboratory at the Massachusetts Institute of Technology (MIT) during the 1960s and 1970s. In those early days, all software was shared freely amongst the academics and enthusiasts who wanted to build great software to address new challenges.  As technology adoption spread in the 90s, interest in the ‘open’ approach continued to grow as users also recognised the value side of the equation. Not only were they gaining access to software that had the benefit of a community of engaged and interested minds working together to continuously improve it, but open source saved costs by opening the market for support and maintenance of the code. As corporate networks expanded another benefit emerged. Open source enabled agility.  Organisations could more easily integrate complementary applications and services into their environments to respond to new business imperatives and expand capabilities for their users.

More recently, in the context of cybersecurity, open source is a very effective way to solve complex problems because it creates real collaboration and trust between vendors and the experts that are tasked with addressing advanced and aggressive IT security threats.

Modern corporate networks extend beyond the traditional perimeter to include data centres, endpoints, virtual, mobile and the cloud. These networks and their components constantly evolve and spawn new attack vectors including: mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers and home computers. Attackers are taking advantage of gaps in protection to accomplish their mission. They also go to great lengths to remain undetected, using technologies and methods that result in nearly imperceptible indicators of compromise.

Open source is a valuable tool for defenders as they work to close these gaps and to gather greater intelligence about potential threats to make better decisions and take action. Let’s take a closer look at the role of open source in these two areas.

Closing security gaps. Reducing the attack surface is essential as organisations strive to protect against the latest sophisticated threats. Waiting for updates from vendors to close vulnerabilities isn’t realistic when high-value assets are at stake and attacks are relentless. For organisations creating their own custom applications, the ability to detect and protect these applications is even more challenging. An open approach can help organisations close security gaps faster with the ability to create protections on their own or apply shared best practices and tools.

Gaining greater intelligence. To deal with dynamic environments organisations need access to global intelligence, with the right context, to identify vulnerabilities and take immediate action. An open architecture facilitates the sharing of real-time threat intelligence and protections across a vast community of users for collective immunity. It also streamlines integration with other layers of security defences added as IT environments and business requirements change, thus enabling more effective, coordinated protection.

In the realm of technology, open source has a long history and its applications and benefits will continue to evolve and grow.  The findings of the 2013 Future of Open Source Survey state that increasingly enterprises across the board see open source as leading innovation, delivering higher quality and business driving growth. Based on the tenets of community, collaboration and trust, it is an approach that delivers stronger solutions, addresses complex problems and demonstrates technical excellence, innovation and dependability.

Fighting Virtual Shadows to Protect Customer Data from Malicious Intent

Wieland Alge, Vice President and General Manager EMEA, Barracuda Networks

The plight of Barclays Bank, following the theft of thousands of confidential customer files, has once again thrust the issue of how organisations protect confidential data high up the business and consumer agenda.  Accountable heads are lifting from the global sands of ignorance as theoretical threats become real life scenarios that must be dealt with or expose data vulnerabilities which could see the downfall of even the most powerful brands.

Continue reading

Trapping the Malware Mosquitoes in your Net

By Sean Newman, Security Evangelist, at Sourcefire, now part of Cisco

There are more than 2,500 species of mosquito in the world, each as capable as the next of causing infection.

Of course, there are numerous ways to protect yourself, but each method has its limitations. You can’t walk around and be completely covered – sound waves and fans have mixed results and, increasingly, mosquitoes are developing resistance to many pesticides.

Like mosquitoes, malware seems to be everywhere, takes many forms and is becoming increasingly resistant to traditional prevention approaches – making it incredibly difficult to stop. Malware will use whatever unprotected path exists to reach its target and accomplish its mission.

Continue reading

Weathering the Cyber Storm

By Sean Newman, Security Evangelist, Sourcefire (Cisco)

With huge storms battering Britain in recent weeks, resulting in trains being cancelled and roads flooded, it is inevitable more people will have chosen to work from home. Gale force winds and torrential rain not only cause major disruption to the commuter but potentially your company’s IT network by increasing the risk of a cyber attack.

Continue reading

Change Detection Technology has Changed – For the Better

BMark Kedgley, CTO, New Net Technologies

Few experts would argue against the importance of real-time file integrity monitoring (FIM) in an era of fast changing and sophisticated security threats. It is literally impossible to second guess the method of a breach and therefore the ‘last line of defence’ detection offered by FIM has never been more critical.

Continue reading

The World’s First Mobile Malware Celebrates its 10th Birthday

By Axelle Apvrille, senior mobile anti-virus analyst and researcher at Fortinet

From Cabir to FakeDefend, the last decade has seen the number of mobile malware explode. In 2013, Fortinet’s FortiGuard Labs has seen more than 1,300 new malicious applications per day and is currently tracking over 300 Android malware families and over 400,000 malicious Android applications.

Continue reading