Gaining the Upper Hand on Hackers with Comprehensive Network Security
Over the last year, we’ve witnessed some very prominent hacks including Adobe, Target and Neiman Marcus, so enterprises could be forgiven for feeling a bit nervous about the ever-present threat of network infiltration. Unfortunately, a recent Ponemon Institute report will likely do little to ease these concerns. According to the research, the majority of security professionals believe attackers are able to dodge the defenses enterprises are deploying. That’s a major problem for enterprises, especially considering the research revealed 80 percent of respondents believe the loss of data could lead to lost income.
However, if denial is the first stage of addressing a problem and acceptance is the second, logically, action must be the third. And that’s precisely what enterprises need to do – take action.
Advantage: Cyber Criminals
As Joerg Hirschman, CTO of NCP engineering explains in SC Magazine, “For the most part, the good guys are being more reactive than proactive.” There’s advantage number one for cyber criminals. Advantage number two, as detailed by eWeek’s Robert Lemos is the fact that “Attackers are able to gain intelligence on corporate defenses, [therefore] they have a first-mover advantage and the ability to actively look for vulnerabilities.” Finally, the communication amongst attackers gives them yet another advantage over enterprises, who are subject to the same types of threats but very rarely share important defense information or collaborate to patch flaws in network security.
Considering this, Larry Ponemon’s summary of the research comes as little surprise: “The overall analysis indicates that a majority of security professionals do not feel adequately armed to defend their organizations from threats.” But what if enterprises were more proactive about their collaboration? What if, instead of relying on unconnected point solutions for their network security, companies were arming themselves with a variety of best-in-breed security solutions that work together?
The Enterprise Rebuttal
While the Ponemon Institute report is unsettling at first glance, that’s no reason to fold and let attackers run rampant. In fact, this type of revelation may be exactly what enterprise security professionals need to make sweeping changes to their organizations’ security posture.
The benefits of a defense in depth security framework are well documented by organizations using a comprehensive approach to security based on solutions such as IF-MAP. Each different security technology implemented serves as another challenging hurdle attackers must clear in order to gain access to corporate networks. For example, using different VPN and firewall providers will require two forms of authentication before the communication will be permitted to begin. Further, using a robust anti-malware solution in addition to a separate anti-virus solution increases the likelihood of mitigating each respective threat, as each component specializes in one area of security.
Of course, in order to combine these best-in-breed solutions, the various technology vendors must work together to make interoperability a priority. Enterprises deserve to have confidence in their remote access security infrastructure, and security professionals have the ability to deliver it. So let’s stop letting attackers gain the upper hand. Let’s start taking action.