The Internet grows exponentially in terms of speed, connected devices and traffic. To protect themselves, companies need to aim for simplicity and integration, according to the 2017 Cisco Digital Security Annual Report that listed the following key information security holes:
- Integration: Lack of security integration can allow time and space gaps that can be exploited by malicious agents to initiate attacks.
- Disconnected: Multiple vendors, multiple products, all unconnected and without joint information analysis, make analysis difficult and waste internal resources.
- Unhandled Security Alerts: Due to various restrictions, companies can investigate only 56% of the security alerts they receive on any given day. Half of the alerts investigated (28%) are considered legitimate; less than half (46%) are corrected.
- Cloud Applications: Connected third-party cloud applications introduced by employees in corporate environments pose a high security risk.
- Adware: Annually 75% companies are affected by adware infections.
- Spam: Spam represents almost two thirds (65%) of the total email volume. According to Cisco Threat Researchers, about 8% to 10% of global spam observed in 2016 could be classified as malicious.
- Middleware: Vulnerabilities in middleware (software that serves as a bridge or connector across platforms or applications) are becoming more visible, raising concern that it is becoming a widely used threat vector.
- Software Updates: Software updates may affect user behavior when it comes to installing patches and their updates.
- Browsers: Ensuring that browsers are safe and disabling or removing unnecessary browser plugins can be a great way to prevent malware infection. These simple precautions can significantly reduce your exposure to common web threats.
- Patching: Security professionals should make a concerted effort to prioritize patches. If staffing and other resources prevent you from installing all available patches on time, evaluate which ones are most important to network security and put them at the top of the task list.
A well-equipped IT security team with the right experts and tools can make technology and policies work together for better security results.
Automation is also essential to achieve this goal. It helps you understand what normal activity is in the network environment so you can focus scarce resources on investigating and resolving real threats. Another indispensable item is the simplification of security operations to make the company more efficient in eliminating the unrestricted operating space of criminals.
For an interconnected and integrated approach, the report recommends:
Executive leadership
Leaders must prioritize security. This is critical for reducing and preventing attacks. The executive team must have clear and established metrics to evaluate the effectiveness of the security program.
Politics
It is closely linked to the reduction of invasions. Controlling access rights to networks, systems, applications, functions, and data influences the ability to reduce damage resulting from security breaches. In addition, policies that ensure constant review of security practices help prevent attacks.
Protocols
The right protocols can help prevent and detect breaches and have a strong relationship with reducing intrusion. Regular assessments of networking activities to ensure that security measures are working are crucial for both threat prevention and mitigation. It is also useful to review and refine security practices on a regular, formal and strategic basis over time.
Tools
The judicious and proper application of tools is strongly linked to risk reduction. With access to the right tools, users can analyze and provide critical feedback for threat detection, prevention, and mitigation.
Protections should include the following elements:
- Prevention: To minimize the impact of security breaches, employees should report security issues and failures. It is also critical that safety procedures and processes are clear and well understood.
- Detection: The best detection methods to reduce the impact of breaches are those that allow companies to identify security weaknesses before they become serious incidents. For this, a good system for classifying incident information is essential.
- Reduction: Well-documented incident monitoring and response processes and procedures are critical to effectively reducing violations. Companies also need to have strong protocols to manage crisis responses.
Lessons Learned
Security professionals stated that a security breach has improved threat defense procedures, policies, and technologies. Of these companies affected by violations:
- 38% said they responded by separating IT security staff
- 38% said increased security awareness training among employees
- 37% said focus on risk analysis and risk reduction increased
One strategy also adopted by companies was to hire outsourced services, since the subject demands dedicated experts in the subject.
Security breach
The question is not “if” a security breach will happen, but “when”!
And the best answer is above: through the recommendations and lessons learned from companies that have already suffered a security breach.
Source: www.securityinformationnews.com
About [SAFEWAY]
THE [SAFEWAY] is a widely recognized company as a provider of premium information security and cybersecurity solutions. From its extensive portfolio, we highlight several solutions, including those based on platforms:
● Archer da RSA Security, considered by the institutes Gartner and Forrester and by the market itself, the most complete process integration solution for Governance, Risk Management, Compliance and Business Continuity Management;
● [SAFEWAY] Security Tower, supported by IBM Qradar (Watson technology), tailored to each organization in its security and cyber defense management needs.
● And others, involving technologies Imperva, Thales, Tripwire and WatchGuard Technologies.
We await your contact: [email protected]
