In the next few years, there will be more mobile users and more mobile connections than ever:
- By 2018, there will be 4.9 billion mobile users, up from 4.1 billion in 2013, according to the newly released Cisco VNI forecast
- In addition, there will be 10 billion mobile-ready devices and connections, which includes 8 billion mobile devices and 2 billion machine-to-machine (M2M) connections
Are the networks that are in place today able to handle the influx and sophistication of devices and data, or is this wave of technology going to usher in a need for a different kind of network?
I don’t think I’m alone in saying that organizations need a flexible, programmable infrastructure that can expand and contract more readily to their needs, especially in terms of security. A security-centric, programmable infrastructure that detects and responds to emerging threat vectors is essential for organizations to thrive in our hyper-connected era.
However, many business and IT leaders are unsure of what that looks like. How can a programmable infrastructure examine security holistically and gain visibility across the entire cybercrime continuum—before, during, and after an attack?
Before an Attack
Most organizations do not have the resources to monitor their networks constantly in real time and determine whether they are being infiltrated.
To protect their key assets, organizations must be aware of what’s traversing their networks: a programmable infrastructure can help implement access controls, enforce security policies, and block applications and overall access to critical assets. The flexible nature of this type of infrastructure can help fill in the gaps left by disparate solutions or dated models. The result is much more sophisticated interaction between applications and infrastructure.
While a programmable infrastructure can address many top security concerns, organizations must also invest in IT professionals with up-to-date skills. It’s estimated that the industry is short more than a million security professionals across the globe, according to the Cisco 2014 Annual Security Report.
During an Attack
Organizations must address a broad range of attack vectors with an infrastructure that operates everywhere that a threat can manifest itself—on the network, on endpoints, from mobile devices, and in virtual environments.
Oftentimes when it comes to security, organizations don’t know what to look for or aren’t paying attention. A recent Ponemon Institute study revealed that while most organizations say that they could identify a security incident within a matter of hours, it takes an entire month, on average, to work through the process of incident investigation, service restoration, and verification.
It’s also important to note that no company is too big or too small to be a target.
In fact, according to a 2013 U.S. House Small Business Subcommittee hearing on Health and Technology, nearly 20% of all cyber attacks hit small businesses with 250 or fewer employees.
One way malicious actors try to deliver malware to organizations is through the use of “watering hole” attacks. Like big game watching their prey, cybercriminals looking to target a particular group (for example, people who work in the aviation industry or shop at a particular store) will monitor which websites or payment methods that group uses, infect one or more of these sites with malware or data collection software, and then sit back and wait for a user to be compromised.
A programmable infrastructure can help protect users against these attacks by keeping machines and web browsers fully patched to minimize the number of vulnerabilities that an attacker can exploit. This type of network can ensure web traffic is filtered and checked for malware prior to its delivery to the user’s browser. It can also automatically detect and respond to security breaches by taking appropriate actions to block the threat before any harm is done.
With a programmable infrastructure in place, security professionals will be better positioned to block threats and help to defend the environment.
After an Attack
If they are attacked, organizations need to have a formal plan in place that will allow them to quickly scope the damage, contain the event, remediate, and bring operations back to normal as quickly as possible. It is clear that the connections among organizations, data, and the advanced attacks are simply too complex for a single appliance to address.
Leaders can’t change the fact that cybercrime exists, but they can arm their business with the proper infrastructure. Manned by up-to-date security professionals, a programmable infrastructure that is secure, as well as agile and intelligent, is the best bet to identify key risks, thwart cybercrime and protect valuable data – both now and in the future.