Reducing the Attack Surface: Takeaways from the 2015 Annual Security Report
As the Cisco 2015 Annual Security Report shows, current security approaches aren’t sufficient. Attackers are shifting methods and becoming more sophisticated in their approaches, users are unwittingly complicit enablers, and defenders struggle to keep up with all of these things. It is time for defenders to take a different approach to security that not only outwits attackers but also makes security a competitive advantage that enables business growth.
By taking a threat-centric and operational approach to security, organizations can reduce complexity and fragmentation, while providing superior visibility, continuous control, and advanced threat protection across the extended network and the entire attack continuum.
Using Cisco technology, this approach is enabled by broad visibility for superior intelligence across the extended network, where all the solutions a customer deploys communicate with each other. Organizations using siloed solutions will have holes in their security. Siloed solutions do not provide full protection since they do not communicate with one another, thus leaving security gaps and the inability to create actionable intelligence.
Cisco can provide a holistic solution to this problem by reducing the attack surface and extending protection across the network – before, during and after attacks.
Key Insights from the Annual Security Report
- Security architectures should be designed around key IP data. High value data is moving around the Data Center, in virtualized workloads. It is also in applications that are outside the traditional infrastructure.
- Big Data is and will continue to be a strategic security priority in the years ahead. It will be key in helping corporations drive business success, but it also will play an important role in the security area.
- Connectivity to the cloud will continue in spite of the security implications. The cost drivers are too great to stop this trend. Security and privacy will continue to grow in importance, as we have to fix these issues – or stop using the Internet.
- Gaps in perceptions around policies and procedures create weaknesses. All of the technology in the world will not make up for bad policies.
- 90 percent of companies are confident about their security policies, processes, and procedures with CISOs more optimistic than their SecOps colleagues.
- 59 percent of CISOs view their security processes as optimized compared to 46 percent of SecOps.
- About 75 percent of CISOs see their security tools as “very” or “extremely” effective with about one-quarter perceiving security tools as only “somewhat” effective.
Cisco Security Advisory Recommendations
Last year the Cisco Custom Threat Intelligence group found Indicators of Compromise (IoC) in 63 of the 64 organizations they worked with. The industry must change our overall approach around cybersecurity as it is not working. The prevalence of these Indicators of Compromise illustrates the importance of taking a before, during, and after approach to security. We can also address these issues by reducing the attack surface in our any-to-any world, and reducing the number of exit and entry points, so resources can be allocated to the choke points.
Organizations should move towards fully integrated networks with the visibility and global intelligence for automated enforcement of advanced threat protection policies to detect, block, track and contain malware. As organizations add Cisco and Cisco Partner solutions, the various solutions talk together and get smarter – automatically spotting, stopping, and fixing vulnerabilities.
Cisco Identity Services Engine is the market-leading security policy management platform and continues to be a core technology for security enforcement, granting or halting access throughout the extended network. It is a foundational to a secure network, centralizing and unifying highly secure access control, enabling greater visibility into the network, and accelerating BYOD.
Today’s threats are becoming increasingly sophisticated; a threat might go undetected for days, months, or even years. To help you keep your organization protected from today’s advanced security threats, Cisco has developed a fully managed service delivered by our security experts. Cisco Managed Threat Defense helps defend against known intrusions, zero-day attacks, and advanced persistent threats.
Download the Cisco 2015 Annual Security Report to learn more about these threat intelligence trends and their implications for defense.