Four Ways to Simplify Security
This blog post was collaboratively written with Dinesh Shadrach.
Dinesh Shadrach is a Sr. Product Manager in Cisco’s Security & Networking Business group where he oversees the design and evolution of Cisco’s cross-architecture software buying programs.
Security breaches dominate the headlines. Earlier this year, TechWorld published a list of the most infamous data breaches and recently Wired Magazine featured a story about a gang of thrill-seeking teen hackers wreaking havoc on both large and small companies alike. In this day and age of continuous digital advancements, it is difficult to secure everything.
Whether the violation is motivated by thrill or a more sinister conquest, organizations are grappling with how to protect their business. In fact, according to the 2018 Annual Cybersecurity Report, organizations reported significantly more security breaches that affected over 50 percent of an organization’s systems than the previous year. The business functions most commonly affected by breaches are operations, finance, intellectual property and brand reputation.
Organizations find securing their business to be daunting and overwhelming. For the purpose of simplicity, in this blog, we’ll address security using four distinct areas to guide your approach:
- Security Essentials
- Cloud & Web Security
- Policy & Visibility
- Email Security
Starting with security essentials, it’s very common for organizations to struggle with protecting mobile devices, data in the public cloud and user behavior. In fact, security teams find it nearly impossible to identify threats as they often mimic the behavior of legitimate network traffic. With organizations using Google Docs and Dropbox to do their work, there is ample opportunity to uncover their “bad actor” malware network traffic. To combat these issues and others, it is recommended to start with network security on the firewall, VPN and endpoints. Specifically, stop threats, see what’s happening on your network and reduce costs. Next-generation threat-focused firewalls now combine software options with next-gen IPS and advanced malware protection to block more threats and quickly mitigate those that do breach an organization’s defenses. VPN solutions empower employees to work from anywhere while providing the security necessary to help keep companies safe and protected. Endpoint malware protection solutions help prevent, detect, and respond to advanced threats in today’s hyper-connected world.
Cloud & Web Security
The use of on-premises and public cloud infrastructure is growing. In fact, security is the most common benefit of hosting networks in the cloud, and 53% of security professionals who responded to Cisco’s security survey report that they manage more than half of their infrastructure in the cloud. Cloud and web security serve as the first line of defense against threats on the internet. Another important area of focus is the web. Cisco’s analysis of web attack methods over an 18-month period from April 2016 to October 2017 shows an increase in adversaries’ use of malicious web content. And it’s only going to get worse. Web security solutions automatically block risky sites and test unknown sites before allowing users to link to them, helping with compliance. Secure Internet Gateways in the cloud provide the first line of defense against threats on the internet. These solutions can now be deployed in a matter of minutes. And cloud access security brokers (CASB) help customers move to the cloud safely by protecting cloud users, data, and apps.
Policy & Visibility
When it comes to Industrial Control Systems (ICS) breaches, organizations discover that their policy and visibility protocols are lacking, leaving their servers and computing resources vulnerable to attack. To help reduce risk, it is recommended that organizations review vendors and systems and apply patches as soon as they are available, and implement policies that severely limit the use of the ICS networks for anything other than essential operations. Companies are focusing more on policy and visibility to know who is on the network and what they are doing. Today’s enterprise network is expanding rapidly. It connects multiple branches, mobile users, the cloud, and data centers. As companies change to digital businesses and adopt new practices and technologies, they require increased visibility to maintain security. Today’s visibility solutions outsmart emerging threats in digital business with industry-leading machine learning and behavioral modeling. And next-generation secure network access solutions help organizations gain awareness of everything hitting their networks, provide access consistently and efficiently and relieve the stress of complex access management.
And finally, when it comes to email security, organizations are constantly filtering spam and occasional malicious emails. With the aid of social engineering techniques such as phishing, malicious links and corrupt attachments, bad actors are poised to become a menace. Additionally, PDFs are the most common file type targeted by insider threats and mobile devices are the hardest to defend. A multilayer approach to security keeps attackers out of users’ inboxes by putting a stop to phishing, business email compromise, ransomware, spam and other common email threat vectors.
As if security wasn’t enough of an issue, organizations also struggle with interoperability among vendors and orchestrating multiple vendor alerts. When organizations can’t orchestrate and understand the alerts they receive, legitimate threats can slip through the cracks. According to Cisco’s security research, among organizations that receive daily security alerts, an average of 44 percent of those alerts are not investigated.
Why use a multitude of products from many vendors if the resulting environment is difficult to manage? Organizations that adopt an integrated approach to security cite that it is more cost-effective, and 47 percent said it’s easier to implement. (2018 Annual Cybersecurity Report)