In Cisco’s 2017 Annual Cybersecurity Report, Cisco’s SVP of Security, John N. Stewart, had the following to say:
“It’s really quite simple: The more attack vectors that go unnoticed and the longer we allow attackers time to exploit our systems and infrastructure, the greater their chance for success. It’s on us to close that opportunity.”
For corporate I.T. directors and others involved in ensuring their company’s networks and data are safe from cyber-attacks, “closing that opportunity” means having a modern, enterprise-grade cybersecurity solution. In this article, we’ll take a quick look at 3 essential features of a modern enterprise cybersecurity solution:
- Predictive technology;
- Intrusion prevention;
- Intrusion detection.
Early Warning System – Getting Ahead of Cyber-attacks With Predictive Cybersecurity
Cybersecurity vendors have learned something from epidemiologists, who understand that the quicker they can get good data on the current flu strains, the quicker they can prepare vaccines. The same holds true for cybersecurity systems: the earlier in the process data can be gathered on a new cybersecurity threat, the more quickly a solution can be rolled out. To have a powerful predictive cybersecurity solution, a vendor needs a large installation base that automatically reports data on cybersecurity attacks back to the vendor, so that the vendor can analyze the new “strain” and automatically harden client components (firewalls and endpoints) against any coming attacks from this new threat.
Enemy at the Gates – NGFW and Next Generation Endpoint Security for Intrusion Prevention
Cyber-attacks can gain access to your network via many different entry points, commonly called “attack vectors”. Two of the most common attack vectors are network servers and network-connected devices. Most corporate networks have a firewall, which can be a software solution that runs on a standard network server or an integrated software/hardware solution with a custom appliance that the firewall software runs on. Most businesses also require some type of cybersecurity solution for the devices that attach to their networks remotely. “Hardening the perimeter” by preventing malware attacks on the server and on remote devices is block-and-tackle stuff for I.T. security administrators, so it’s assumed that these pieces are in place. Modern enterprise cybersecurity solutions have advanced perimeter hardening with Next Generation Firewall and Next Generation Endpoint Security technologies. The most advanced of these technologies implement firewalls and endpoint security that:
- Have automatic access to the latest intelligence on cyber-threats (see the section “Getting Ahead of Cyber-attacks With Predictive Cybersecurity” above);
- Can be automatically hardened against these threats;
- Are smart enough to be able to recognize potential but as-yet unidentified threats and guard against them.
Remediation of Existing Threats – Intrusion Detection is Still Important
Even the best cybersecurity solutions can’t protect against every possible attack. If they could, we’d never see cybersecurity breaches like the ones Target and Home Depot suffered in the last couple of years. A report in the Ingram Micro Advisor noted that,
“60 percent of stolen data is taken within the first few hours of an attack, but a large percentage of attacks go unnoticed, allowing hackers to steal data and other sensitive information for months, even years, as long as they remain undetected.”
That being the case, an enterprise cybersecurity solution must be able to:
- Quickly identify an on-going attack;
- Limit future damage by neutralizing the attack;
- Provide granular data on the activity of the attack from the time of the breach to the time it was neutralized.