Effective threat protection means thinking about security before, during and after an attack
Network security involves cutting edge technology. But it also follows principles that have long existed in nature. In fact, we can learn a lot about effective security by looking at the way bees defend their hive against bears.
The worker bees use a sophisticated and multi-layered system to protect the queen bee. It starts before an attack happens. As the bees buzz around the hive making honey for the queen, they’re also keeping an eye out for threats. That means they’re able to spot a bear approaching.
And when he begins pawing at the hive to get at its precious contents, the bees swarm around him to try and drive him away. When the bear gives up and the worker bees know that their queen is safe, it’s time to begin the recovery.
The bees assess any damage and start repairing the hive, to strengthen it against a future attack.
In short, the bees protect their hive by reinforcing its security before, during and after an attack.
The challenge for service providers
Service providers are facing a challenging security situation. Our 2017 Annual Cybersecurity Report found that the changing nature of networks was leading to an expansion in the number of ways that hackers can access them – making it increasingly hard to block threats. The key challenges highlighted by security professionals were mobile devices, the cloud and user behaviour (like people clicking on malicious links).
Over the last 18 months we’ve seen high profile breaches experienced by all types of service providers, including those offering wireline, mobile, video, cloud and managed services.
And our research suggests that they’re more likely than other organisations to suffer reputation-damaging attacks. In our Security Capabilities Benchmark Study 2015, 57% of telcos reported a security breach that led to public scrutiny
Combating threats before, during and after an attack
The answer for service providers is much the same as it is for bees. They need to think about threats at every stage – and not just when they enter the system. Best of breed solutions are still important of course, to fight attacks as they take place. But even with first class technology, it’s inevitable that defences will be breached at some point.
So service providers also need to think about how they can identify breaches quickly, and recover effectively after an attack. And the third key element of effective security is planning for cyber attacks before they happen. Service providers should know what threats to look out for, and which parts of their network might be targeted.
Cisco’s comprehensive solutions
Cisco’s integrated security architecture can help service providers make sure they’re taking a comprehensive approach that is simple, open, automated – and leads to effective protection against threats.
Before an incident happens, intelligence from our global team of experts, Talos, keeps you aware of the latest risks and enables us to keep our products bang up to date.
And during an attack, our best of breed solutions enable you to combat and block threats effectively. A strong firewall is essential, of course. But for the most effective defence, it should be used alongside other technology , (like Cisco’s Next-Generation Intrusion Prevention System, Advanced Malware Protection, Stealthwatch ), and intelligent automation. And it’s important to monitor network traffic too, so you can spot suspicious activity as it happens.
And after an attack has occurred, we help you contain it to limit the damage, and improve your defences to prevent a repeat.
Our technology can detect security breaches fast. It takes an average of 13 hours, compared to the industry standard of 100-200 days. When you can react quickly, breaches are less damaging, and you can get back on your feet as soon as possible.
Delivering best of breed security to Exaprobe
One business that has used Cisco technology to offer comprehensive security is Exaprobe, a subsidiary of the French cloud service provider Econocom. Exaprobe used our Hosted Security as a Service solution to deliver their STARC (Security Threat Assessment and Response Centre) cloud-based security services .
Cyril Azambre, Exaprobe’s deputy general manager, says that thanks to Cisco’s support, “our customers can benefit from a huge security database and real threat intelligence, in a very secure and confident manner.”
The cyber security environment is always getting tougher, and it will continue to do so. In the future, we may see techniques like automation and machine learning playing a bigger role as threats become ever more sophisticated.
At Cisco, we’ll always be at the forefront of developments like this. But we don’t innovate for the sake of it. We understand that some of the fundamental principles of security have been long-established for a reason.
That’s why we take inspiration from the ways in which bees protect their hive. Their example helps us make sure we’re providing your network with comprehensive protection before, during and after an attack.
Find out how Cisco’s security expertise can help you combat cyber threats before, during and after an attack – and have a look at this video.