Protecting the Enterprise Is a Never-ending Battle
Hackers do whatever it takes to get past cyber-defenses, and they're getting through because organizations still deploy outdated security products.
It should come as no surprise that, these days, protecting enterprise assets falls somewhere between whack-a-mole and the movie Groundhog Day. Every day presents new challenges that seem to get worse.
Cisco Systems has just released its Midyear Security Report and the picture is not pretty. Among the lowlights:
*Angler, one of the most sophisticated and widely used exploit kits, is now highly effective at evading detection through the use of domain shadowing.
*Ransomware has emerged as a highly lucrative activity that has matured to a point it is completely automated and carried out through the dark web. What's more, malware authors are using creative techniques, such as including text excerpts from famous novels to evade virus detection software.
According to John Stewart, senior vice president and chief security and trust officer for Cisco, the margins for error are decreasing. "We live in a world where hackers relentlessly do whatever it takes to get past cyber-defenses. And they're getting through in large part because a discouragingly large number of organizations still deploy complex, unwieldy patchworks of outdated security point products that are difficult to manage and offer feeble defense against today's sophisticated attacks."
The upshot? There is an urgent need to lower the time to detection (TTD) for attacks, a key metric in security technology and operations. "This is vital for security teams to quickly scope a compromise before considerable damage is done," he added.
The Cisco report, like others, points to a need for new and improved methods, as well as new technology solutions. CIOs, CISOs and CSOs must view security in a far more holistic way and build out a protection framework that addresses product lifecycles and data lifecycles. It's also critical to look at new techniques for monitoring networks, such as fingerprinting tools, and consider using anonymous cyber-attack information sharing, which is just emerging as a new counter-weapon.
The Cisco report points out that even with leading-edge tools and technologies, no organization should consider itself safer than others.
"A proactive, in-depth, cyber defense strategy, of which technology is just one component, continues to be our best answer," Stewart said.