The link between solving business challenges and security has become tighter and more complex than ever before. As the cybersecurity landscape continues to evolve with more attacks, security strategies need to make critical pivots in response. How and why are threats getting worse, and more importantly, what are IT leaders doing to keep up? Buckle up as we explore the causes behind today’s more frequent attacks and take a deep dive into the assumptions your security strategy needs to make in order to be effective now.
The attacks themselves are getting worse in three different ways:
The sheer volume of them has gone up so much even in the last year or so, as well as the severity. Today, if you look at cyber defenses, in many ways, it is absolutely an attackers playfield. The advantage is currently placed on the attackers, because they only have to be right one time. Meanwhile, to defend themselves, corporate network IT teams or service provider network teams have to be right all the time. And that’s certainly changing the equation.
We’re also facing threats from a lot of different directions. It’s no longer the stereotypical hacker in a hoodie, so to speak, that’s trying to penetrate a network. It’s also script kiddies, unsophisticated attackers, cyber gangs, insider threats, competitors, ransomware-as-a-service, hacking-as-a-service, all the way up to nation state attacks. Enterprises that are trying to defend their corporate networks are trying to do all of these things at once. And in many cases, they’re trying to do all of these things with a wide variety of tools and vendors to manage, which only adds to the difficulty.
Even five years ago, if someone wanted to launch a relatively sophisticated attack on a corporate network, they had to be relatively sophisticated themselves. But with the growth of things like tool kits and ransomware-as-a-service, an extremely unsophisticated attacker can now purchase targeted exploits designed to penetrate networks or serve as ransomware. Someone who doesn’t know very much about computers at all can actually do some significant damage. When you pair that with the reality that the risk-reward ratio for cybercrime is unfairly balanced (rewards are high while the risk of being caught is low) you can clearly understand the causes for the increases in attacks.
It’s changing the game, because most corporations’ number-one threat now is ransomware. And the number-one way that ransomware is delivered is via phishing. In fact, 91% of cyber attacks last year started with someone clicking something in an email. It’s been a threat vector that’s been around for almost 30 years now, and it’s still extremely effective as a way to get inside networks and past firewalls.
What’s the key to protecting yourself given today’s situation? Consensus in the cybersecurity community has evolved quite a bit. Three years and five years ago, we would be talking a lot about defense and depth, or a perimeter-based security, or rule sets for looking for certain types of malware. But these days, most cybersecurity professionals are now talking about dwell time, network segmentation, managed detection and response, and Zero Trust.
Today, instead of defending all attacks, it’s more about reducing dwell time–which is how long the bad guys are inside the network environment. It’s also more about segmentation. So, if someone does penetrate your network, they can’t access the entire corporate environment. Most people are talking about managed detection and response, which leverages both advanced security analytics and human security analysts to capture and identify when an attacker penetrates and then immediately act to minimize that damage. These have been large pivots over the past few years.
A Zero Trust scenario works under the assumption that the network has already been compromised, and there’s really nothing you can do except user authentication. Thus, knowing how to do authentication around users, groups, and roles is an important initial step. Another key capability is using AI and machine learning to watch for anomalous behaviors. This is very similar to the approaches credit card companies use to catch fraudulent charges on your credit card. It knows when something looks unusual. Additionally, Zero Trust doesn’t trust user devices or machines. Here’s just one example why user machines can’t be trusted: It’s very common for employees to let their kids play with their iPad today. Video games, accidental clicks on phishing emails–it’s world of possibilities. Thus, Zero Trust assumes that user devices will bring malware back into the office. These are all today’s modern approaches for cyber defense.
Pioneering threat detection and response for 19+ years, Masergy is uniquely positioned to help enterprises design and execute on modern threat detection and response strategies that addresses dwell time, network segmentation, behavior analysis, cloud security, and SD-WAN security. Learn more about our scalable approach to security that includes technology, analytics, and a global team of certified security analysts—all working together.
Call us now to arrange a consultation (866) 588-5885.
Or arrange for a consultation through our request form.
CASB serves as of one of SASE’s fundamental purposes. Here’s how it works within a SASE framework to mitigate security risks.
Healthcare IT leaders are reducing the complexity of digital transformation by addressing UC, the network, and security in one unified strategy.
SD-WAN is giving way for terms like SD-Branch. Understand the benefits and how SD-Branch is addressing security challenges at the network edge.
Here’s a guide to understanding the value of user identity analytics and why these details are increasingly important for security today and network automation tomorrow.
SD-WAN management portals typically track only IP traffic for entire sites, but Masergy’s SD-WAN gives you per-user analytics as a standard offering.
Masergy's CTO, Chris MacFarland, teaches you how to reach the milestone of true autonomy. This article originally appeared in Forbes.
Learn how Masergy is acting with urgency to protect employees, clients, and business continuity. We explain how Masergy helps clients respond and how he virtualized the company.
With 20 years of history, Masergy is full of fun factoids. Explore the pioneering moments, pivotal transformations, and tales from the startup days.
2020 marks Masergy’s 20th anniversary. The celebration starts with our top innovation landmarks and where we’re going next.
In celebration of Masergy’s 20th anniversary, we’re honoring our greatest leaders and key players. Here’s the story of Terry Traina, Masergy’s Chief Digital Officer.
Are you getting value out of your security services? These frequent pain points illustrate how partners should be strengthening your security posture.
Here’s a fully managed SD-WAN solution that helps organizations truly transform the WAN edge with a security-driven approach.
Think you only have 30-40 apps running on your network? It’s probably more like 900+. Here’s a quick guide to handling the blind spots of shadow IT.