Network infrastructure security.
Cyber Threat Intelligence for understanding threats

Every year since its first edition, the Clusit report on security in Italy points out, “the period analyzed has been the worst ever in terms of attacks and threats to the security of corporate infrastructure." Network Infrastructure Security has never been more important,  above all because of the Digital Transformation that has introduced technologies and paradigms that require a greater focus on security. Cloud computing has extended the boundaries of the company, to an infinite monitoring perimeter, and the increase in IoT devices, especially for industrial use, has multiplied the number of access points.

“In the last two years, the growth rate for the number of severe attacks has increased tenfold. Not only that, but the average severity of these attacks has worsened at the same time, acting as a damage multiplier.” 2019 Clusit Report.”
_{2019 Clusit Report}

In 2018, 1,552 severe attacks were collected and analyzed (+ 37.7% compared to the previous year), with an average of 129 severe attacks per month (compared to an average of 94 per month in 2017, and 88 over eight years) Among the mosti important evidence:

• Within a Smart Factory, or an extended enterprise, attacks come from the most vulnerable nodes, i.e. from suppliers and partners connected to the corporate network that do not have adequate protection.
• Attacks manifest themselves through “known” nodes and then propagate within the company’s network infrastructure, when it is too late to stop them.

Although the media hype that has developed on the subject of security has helped companies to become more aware of the risks to which they are subjected, improvements are slow. This is often because a company’s security failures result from errors in design and security management, outdated applications and infrastructure, or policies which are incomplete or not complied with. 

What companies need is governance, skills and strategy, even more so today as digitization extends the area exposed to attack and risk. Almost all of them, for example, have implemented protection for PCs and laptops, but only very few companies have installed advanced security systems on their employees’ smartphones, which represent an increasingly common access point.

In a scenario where, with to traditional techniques, the remedy regularly arrives when it is too late, and in the face of such heterogeneous and complex new IT environments, the strategy requires a complete change.

For example, a new cybersecurity model should be developed, adapted to real threats, which exploits new technologies, such as the cloud and Artificial Intelligence, and which does away with the traditional approach of bolting the stable door, replacing it with real-time reactions based on predictive techniques. 

But even before this, in terms of the revision of application services, given that errors in the application code are the main causes of security failures, it is possible to intervene directly upstream of the development process using the Security by Design approach, i.e. taking security into consideration as soon as the design phases for an application or a digital service. The real challenge thus becomes to incorporate security into systems, applications and digital services without jeopardizing their usability and user experience.

In other words, we must go beyond the model of simply implementing technological solutions as band-aids and think in terms of prevention – on applications, human resources and devices – that declines methods and technologies tailored to the different needs of each company and depending on its business model, organizational structure and software architecture, as well as on human awareness.

“Lutech’s value proposition is based on a number of core foundations: solid Security Engineering based on the knowledge and ability to incorporate the best technologies in the field of Cyber Threat Intelligence, Breach Monitoring, and Incident Response.”

In terms of defining the Cyber Threat Intelligence structure, Lutech provides customers with the necessary support – training and tools – to understand both established and emerging cyber threats, offering services for their detection, analysis and monitoring.

In conclusion, the evolution of technological tools and platforms, together with the increasingly advanced nature of attacks, requires the transition to a completely new security approach that analyzes and monitors the company’s extended software architecture and corporate network access points, regardless of whether these are people or devices. The goal is to intercept threats in real time thanks toartificial intelligence assessment of the behavioral anomalies detected on the IT infrastructure and on the company network.