Cisco 2014 Annual Security Report: Why the Before/During/After Approach to Security Offers Better Protection from Threats
The number and variety of threats that can infiltrate corporate networks and disable critical infrastructure are sobering. Take a look at our findings and analysis in the new Cisco 2014 Annual Security Report, and you’ll see that malicious actors are innovating just as fast as security professionals do. As threats proliferate, so do the solutions for responding. It’s a confusing, fragmented market. That’s why Cisco believes it’s time for a new security model: a model that’s threat-centric, providing better visibility across the entire attack continuum and across all attack vectors, so that your organization stands a better chance of stopping attacks, or minimizing the damage they cause.
As we explain in the Cisco 2014 Annual Security Report, today’s advanced attacks are too complex and sophisticated to be addressed by traditional technologies that only perform their analysis once at a specific point in time, versus technologies that work continuously. At the same time, the data protection needs of organizations have become incredibly multifaceted. Mobile users and reliance on the cloud have complicated the ways business networks need to be protected. There is no “silver bullet” to solve every security problem.
Our recommendation for meeting today’s security challenge is to move away from point-in-time solutions, to an any time, all the time, continuous approach:
- Before an attack: You can’t protect what you can’t see. Know what’s on your network—devices, operating systems, services, applications, users, and more. With this knowledge you can set up access controls, enforce security policies, and block applications and overall access to critical assets. This will help reduce the surface area of attack. But keep in mind that there will still be gaps attackers can exploit to achieve their objectives.
- During an attack: Deploy solutions that can address a broad range of attack vectors by operating everywhere a threat can turn up—networks, endpoints, mobile devices, and virtual environments, for example.
- After an attack: As much as we want to stop all attacks, it’s a given that on some occasions, intruders will succeed. Prepare for this eventuality with capabilities to determine the scope of the damage, contain the event, remediate, and bring business operations back to normal as quickly as possible.
The before/during/after approach to security avoids the problems associated with fragmented security solutions, such as lack of visibility and inconsistent enforcement. The Cisco 2014 Annual Security Report details today’s top security concerns and the value of this strategy.