The network is no longer contained in a neat perimeter. Every device needs to be protected with consistent security because every device carries risk; malware does not discriminate and moves across systems.
Security organizations collect terabytes of data every second from our departments, partners, and IoT. We collect it, but we aren't sure we protect it. We're not even sure if we've classified it completely or accurately. What's on that sales rep's mobile device? What networks did that smartphone connect to when its user was at Burning Man? Many organizations can't say for sure.
Hacking is now productized. Your enemy no longer has to be a genius in a hoodie; any disgruntled employee or a criminally minded kid with some bitcoin can buy ransomware-as-a-service to lock up your company's critical data. Of course, those types of attackers are mosquitoes in the hacking ecosystem; the greater threat is from nation-states conducting cyberwar by taking down keystones of a global enterprise like Maersk and FedEx.
Organizations are slowly coming to the realization of how catastrophic peak malware could be to their futures, and what they should be doing to protect themselves.
Prevention is no cure
What we've been doing to protect ourselves hasn't changed enough. We've been relying on disaster recovery and AV solutions. But neither of these is sufficient for the challenges enterprises face today. Tomorrow requires so much more.
Disaster recovery lives at the end of the attack chain when everything is broken. Nobody wants to get to that point. Prevention should be the priority, and prevention is founded on good hygiene.
Hygiene is talked about a lot. It's a rote concept to understand; I mean, people know that to avoid getting the flu virus, they need to wash their hands. But just one person can slip up, and the whole office is coughing. Truly, no matter how much time and effort a company invests in security awareness training and phishing drills, one distracted person who clicks on a malicious link can let something dangerous into the network.
In short, hygiene helps, but like hand washing, don't count on it. To keep a network free from viruses, visibility – not just access control – has to be in place.
Security must travel with your device(s)
To protect its assets, an organization needs a matrix with two key controls: protection at the DNS layer and Next Generation Endpoint Protection (NGEP).
A lot of organizations think they're protected because they already have a list of controls. Despite that, most businesses are at risk. This is why security is the top discussion in many corporate boardrooms today. Companies tether controls to specific devices or networks. They rely on basic AV or, worse, legacy AV, which is too limited to be trusted in today's evolving threat environment.
Traditional perimeters won't protect the network from threats carried in by mobile devices. A laptop may be protected when it's in the office, but people use their laptops at home and on the road, too. When that laptop comes back from a business trip, a vacation, or just a weekend at home, it can infect the whole organization with something nasty. The standard today should be advanced AV that is based in the cloud, so it can follow users wherever they go. Your security must protect everywhere. Period.
You must assume that advanced threats will pierce the network, the authentication, and a host of other controls. That's just a reality. So not just any “next generation” solution will do the job; you must have continuous monitoring to spot malicious behavior and the ability to contain and eliminate threats before they can do any damage. A security-everywhere approach is required to defeat malware, which is increasing in volume and sophistication, with no sign of stopping.
Take a holistic view of security
The days of bolting on solutions are over; CISOs want holistic approaches and must develop plans to look across the entire network. After all, nobody wants to explain to the board that they secured the corporate campus but forgot about that smartwatch that picked up a touch of ransomware when it went to visit friends in Buenos Aires.