In the recently released Cisco 2018 Annual Cybersecurity Report, 2017 saw growth in malware targeted at ransom or profit motives, but also the destruction of systems and data. Malware continues to get more sophisticated and is now able to elude sophisticated sandboxing environments. Encryption continues to be leveraged to conceal malicious activity. Cybercriminals are also relying on legitimate Internet services like Google, Dropbox, and GitHub, making malware traffic almost impossible to identify.
Increased usage of cloud services and Internet of Things (IoT) based networks can create undefended gaps in security coverage; ripe for exploitation. Many organizations struggle with providing comprehensive security across this ever expanding attack surface.
These are challenging times; the threat landscape doesn’t promise to get any better. Each one of these themes presents a significant threat to your organization, its intellectual property, and customer and employee data.
So what can be done?
Take a proactive approach to your security strategy through your data center – the prime target of cybercriminals.
Protecting the modern data center is a challenge due to the high level of complexity. Modern applications and their workloads are dynamic and distributed across on premise and multi-cloud environments. The underlying security policies must dynamically change to enable real-time policy enforcement and visibility that follows the workload everywhere. However, it’s difficult to provide a secure infrastructure for these application workloads without compromising agility.
But it’s now possible to achieve consistent workload protection. It starts with an integrated portfolio of best in class security products across the network, cloud, data center and endpoints: all working together to share threat intelligence for more effective security to block more threats, respond faster, and deliver automation so IT resources go further. Because security policy must follow data center workloads, we enhanced the capabilities of Cisco Tetration.
The Cisco Tetration platform monitors hybrid cloud workloads to create an application behavior baseline, providing visibility of known application vulnerabilities, anomalous behavior and communication patterns. By using this holistic, workload protection approach, Cisco Tetration significantly reduces the attack surface in the data center, minimizes lateral movement of threats and quickly identifies application anomalies and suspicious behavior. Tetration works with Cisco’s security portfolio including Cisco Firepower Next-Generation Firewall (NGFW), Next-Generation IPS (NGIPS), Advanced Malware Protection (AMP), and Stealthwatch to deliver effective security that follows the workload everywhere.
For more details on Cisco Tetration, please read A Recipe to Keep Your Hybrid Cloud Workloads Safe.