New Security Operations Centre aims to combat rampant cybercrime
By Ryan Noik 29 September 2019 | Categories: feature articles
There was an oft-used phrase in the ’90s – you can never be too rich or too thin. In the 21st century, it has evolved to become: you can never be too secure. It was that phrase that rang in my head as Reflex Solutions launched its Security Operations Centre recently in Sandton.
The aim of the centre is simple – at least on the surface: to combat the growing number of cybersecurity threats in South Africa. As events in recent weeks have underlined, South Africa is clearly no more exempt from the cybercrime scourge than any other country in the world. Indeed, this year we have seen significant attacks, from City Power being taken down by a ransomware attack, to Ster Kinekor being hacked in the country’s biggest data breach, and Garmin SA being compromised and in turn, compromising users’ credit card information. One thing is clear: cyber criminals are not playing games.
Guard your Six
“It seems that almost every day we see yet another high-profile cyber-attack crippling businesses,” commented Pieter van Zyl, Business Unit Manager of Reflex’s Security Operations Centre. “The launch of our SOC is a giant leap towards addressing this by providing a holistic view in proactively monitoring and tackling these cyber security threats, before they even have a chance to reach organisations. By managing customer security needs, it frees the time for our customers to focus on the day-to-day running of their businesses,” he explained.
What is important to note, according to van Zyl, is that there is no ‘silver bullet’ that can safeguard a client’s IT infrastructure and data. This, he pointed out, is why there are thousands of different products and solutions that are available to address cyber security issues.
But what about machine learning and AI? Surely these will save businesses from cybercrime? Not so fast. Branislav Ondrášik, the Security Research Communications Manager at ESET, pointed out that there is actually a big difference between true artificial intelligence and machine learning.
True AI, he continued, consists of intelligent machines that can learn and make decisions independently, based on inputs from their environment – without human supervision.
Machine Learning, on the other hand, consists of data processing algorithms that allow computer systems to perform chosen tasks by identifying patterns and anomalies in vast amounts of data, transforming complex data into a compact representation (a.k.a. model).
Here’s the rub: cybercriminals have the same access to machine learning tools to perpetrate attacks as companies have to defend against them.
That is why we see ‘smarter’ spam, he explained, with a computer able to generate a fake email that on the surface looks and sounds more genuine. Such emails can now include the actual addresses of real companies and their real logos, and the language they use is a far cry from what it used to be. We also see smarter malware that protects itself, he elaborated, and machine learning-powered malware that attacks Internet of Things connected devices.
Genesis of the SOC
If that wasn’t enough, exacerbating matters is a large amount of confusion.
“Frankly, we find that our customers are confused and overwhelmed by the different terminologies and all of these options. That is why we created a SOC where our team of security experts can formulate and implement a cohesive, focussed cyber security plan that is easy to understand with solutions that are suited to a client’s specific business strategy and budget,” van Zyl elaborated.
He continued that after a significant amount of testing, Reflex Solutions decided to form a strategic partnership with cybersecurity leader ESET. “Based on our research, we believe that ESET has the strongest anti-virus and anti-malware software out there. They have AV capabilities that no other vendors have, and their products are correctly priced for local markets. ESET allows us to provide a proactive approach to threat management by making use of technologies like LiveGrid, Machine Learning, DNA Detection and HIPS. Since our partnership three years ago, we can proudly say that we have had zero infections. In fact, with ESET, we have detected and deferred thousands of malicious attempts,” he added.
What’s still to come
There is hope for South African companies that the scourge of cybercrime can, and will, be addressed. Van Zyl gave the reassurance that Reflex Solutions’ SOC will place a significant focus on a proactive approach to data and client protection, and this will be coupled with high-quality business continuity solutions that will assist stakeholders in recovering speedily in the event of a cyberattack.
“We believe that the more layers of security, the more secure your infrastructure. Our multi-layered approach starts at the core systems and works through to various zones. Security needs to be integrated into your IT design and that is why our end-to-end IT service is a huge competitive advantage and provides the greatest security for our clients,” concluded van Zyl.