30 January 2017, Johannesburg End-to-end telecommunications and networking solutions provider Saicom has entered into a strategic partnership with Thinkst Canary to offer a fully-managed honeypot network security service.
The service, which complements the company’s existing network security solution benefits businesses that want to consolidate their security services due to the growing complexity of securing the trusted and untrusted network.
“Our honeypot managed service includes the detection of network breaches and extends to forensic investigations to determine the origin of the threat and whether internal devices or systems have been compromised,” says Greg de Chasteauneuf, chief technology officer at Saicom Voice Services.
Cyber attackers are often present on networks for lengthy periods of time before they carry out an attack. Detection and mitigation are becoming important aspects of cyber-security due to the increasingly large and permeable attack surface.
Deception technology, such as honeypots, improves the detection and mitigation of cyber-security breaches. Honeypot devices are scattered across the network and act as decoys. They are designed to look like commercially sensitive information or systems and an attempt to attack or access the fake assets or systems alerts the Saicom Voice Services managed security team.
“Next generation tools such as Thinkst Canary’s honeypots reliably set off an alarm when an active attack is discovered. They are simple and easy to use, can be set up in minutes, even on complex networks, and alerts a company when it needs it most,” says de Chasteauneuf.
Network security is a global risk and enterprises are spending millions on securing their corporate networks, yet they are still being attacked.
The current mindset is very much that of perimeter security – a firewall boarding the trusted and untrusted networks. Today’s threats come from everywhere, not just the untrusted networks, and many of these attacks render the traditional perimeter firewall useless.
Haroon Meer of Thinkst Applied Research agrees. “Firewalls have had a good run but they offer very little to protect companies against phishing or application layer attacks. For most of the more common attacks seen today, firewalls are no roadblock, in fact they barely count as a speed bump.”
Human beings are often the weakest link and it is a company’s own employees who can punch holes in its network. The point is, if an attacker is on a company’s network, it needs to know about it.
“This is where deception technology steps in. The industry will see an important move back to host security and honeypots to detect and mitigate lateral movement within the trusted local-area network (LAN),” says de Chasteauneuf.
Security will continue to be high on the CIO’s agenda in 2017 and in time will become the most important requirement when making any IT decision in the future.
“Forward-thinking organisations will start to deploy deception technologies and adopt managed security services to monitor and mitigate risks,” concludes de Chasteauneuf.
Post written by Greg de Chasteauneuf
Chief Technology Officer (CTO) Saicom Voice Services