Businesses need a 'defense in depth' strategy: Infoblox

Public and private organizations across APAC must adopt a defense in depth strategy, according to Infoblox (Image sarayut / iStockPhoto)

Public and private organizations need to deploy a defense in depth strategy according to Infoblox president and CEO Jesper Andersen.

"They need to realize there is no panacea," Andersen told ARN. "They need to understand that specialization in select areas is important."

A recent research carried by (ISC)² revealed the shortage of cyber security professionals is close to three million globally with Asia Pacific experiencing the highest shortage at around 2.15 million.

The shortage is in part attributed to the region's growing economies, in addition to new cyber security and data privacy legislation being enacted across multiple countries.

Closer to home, this shortage comes at a price because, according to Andersen, Australia is not as quick in implementing cyber defense measures as it is in adopting new technology.

With 20 years in business, Infoblox comes from a networking background but today focuses on Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP) and IP address management.

For Andersen, partners can help customers by thinking of general networking and cyber security as a much closer business with the vendor claiming 50% of the DDI market share with 1,000 employees and 8,000 customers across the world.

In Australia, Infoblox employs nine people and has some of the "top banks" as customers.

The vendor works with channel partners and has two distributors locally in the form of Arrow ECS ANZ and Orca Tech alongside a host of technology alliance partners.

"Because we have a lot of information that is of value to security vendors we have created a lot of integration with security vendors which we call our security ecosystem," Andersen said.

Furthermore, Andersen also said that the vendor is "interested in increasing" its investment in Australia and New Zealand.

Current threats

With all the buzz around crypto-jacking recently, Anderson said, without trivializing the problem, that he would prefer to have his business crypto-jacked rather than suffer a ransomware.

"If it was up to me and I was the CEO of an organization that got attacked, whether in the public sector or whatever, frankly I'd much prefer it was a crypto-jacking attack versus a ransomware attack," said Andersen.

"It is one thing to lose some efficiency because someone hijacked my compute power, it is a very different thing if they lock my computers from the outside."

Andersen also said that governments across the world should focus on certain cyber security risks especially when it comes to citizens' data.

"I wouldn't want my government to become too focused on crypto-jacking when there is a lot more concerning issues," he added. "Many countries are moving their citizen data and health data to more of an online system, losing that info is a lot scarier."

Andersen also pointed out to what he believes an area that should be given more thought from customers and partners alike.

"The thing that is a little scary is that, an area such as DNS, which is traditionally thought of as a networking area, which is what it is, tends to maybe not get as much exposure from a cyber security perspective," he said.

Andersen explained that this is an area where it's easy to exfiltrate data without ringing any alarm bells and it is important that organizations understand how vulnerable they are around DNS.

ARNnet

Read more on