It is a well-known principle in both science and business that those who survive in this world are not necessarily the strongest or smartest, but those who best adapt to changing circumstances.
I was reminded of this reality while trying to buy a simple cup of coffee at a busy overseas airport on a recent trip. Having just stepped off a long flight and hoping to shake off the tiring effects of jet lag, I headed to a nearby coffee kiosk. Rather than pay with unfamiliar currency notes and coins, I handed over my credit card.
The cashier politely informed me that she did not have approval to use my card for payment, and almost simultaneously, my mobile phone buzzed with a message from my bank asking if I was trying to buy coffee in an airport kiosk in a foreign city. With a couple of clicks I was able to confirm my identity (and desperate craving for coffee) and was soon sitting down with said cup, reflecting on what had just happened.
You can probably guess how this situation played out behind the scenes: in just a matter of seconds, my bank, working with a specialized technology partner, analyzed the request to process payment and concluded that even though I use my credit card to buy coffee regularly, this transaction was suspicious for the simple reason that it was happening thousands of miles away from where I normally use my card. It then proceeded to halt the transaction temporarily while it reached me on a secure channel to verify my identity and the authenticity of the transaction.
Can you see why I call the financial services industry approach resilient? They have continued to enable the increasing use of bank cards as a preferred payment mechanism, even while combating growing and sophisticated fraud against their business. They use extremely fast and reliable networks to process more transactions and enable growth, and have added the power of software and analytics to these networks to identify possible fraudulent transactions. And rather than simply block all suspected transactions, they use innovative approaches in security and mobility to confirm legitimate transactions and minimize inconvenience to their customers.
I view that resiliency and constant adaptation of processes and technologies to stay ahead of changing threats a true best practice, and one that can be used in cybersecurity in all major business and government sectors, not just in financial services.
How to Take a Resilient Approach to Cybersecurity
It is somewhat surprising (and alarming) that so many businesses continue to rely on outdated approaches and technologies when it comes to cybersecurity. Security breaches mean lost intellectual property, compromised customer information and confidence, and serious negative business consequences.
As organizations become more agile and change their business models to take advantage of evolving trends such as mobility and cloud computing, I consistently hear the same fundamental security challenges repeated: a dynamic threat landscape, operational complexity, and a huge shortage of cybersecurity talent. However, taking a resilient approach to cybersecurity will help reduce the time from detection to remediation, or breach to recovery if you adopt solutions that can be integrated, pervasive, continuous, and open.
The following are two different approaches that can help your organization become resilient. Protect your business with one of the best approaches and tools available in the cybersecurity industry today.
One approach is to take the time and effort to analyze the custom nature of threat to your business. Most organizations have already implemented the basics of good perimeter-based defenses such as blocking incoming transactions from suspect IP addresses, implementing careful access control policies, and analyzing incoming website and email traffic.
An even more effective approach is to monitor and correlate both incoming and outgoing data traffic to a custom threat intelligence database. Employees often unknowingly download malicious data or fall prey to sophisticated phishing attacks, and sometimes threats to your organization can come from internal sources. These deliberate or inadvertent actions can initiate trusted connections to external sites that can quickly (within minutes) download malicious software or plant internal attack vectors.
With Cisco’s Custom Threat Intelligence approach, all your outbound traffic is correlated against known sites that pose threats and enhanced with threat intelligence specific to your industry or geography, continuously updated with data that Cisco and maybe even your company’s proprietary data sources discover.
Another powerful approach is the use of machine learning algorithms and predictive analytics to detect possible threats in real time. You know by now that cyberattacks tomorrow will not look like those we see today, and simply protecting against known threats will not be enough. By employing the power of big data and sophisticated heuristics designed to identify anomalous traffic patterns (very much like what my credit card company did), you can “separate the signal from the noise” and make this intelligence actionable. Cisco also offers the Managed Threat Defense security solution, which immediately escalates any suspected incidents to a staff of trained cybersecurity analysts at one of our global Security Operations Centers, where fidelity of the incident is validated and remediation initiated. This approach not only helps ensure technology resiliency, but also takes advantage of operational resiliency with an outcome- and subscription-based business model.
Cisco Managed Threat Defense
Center Your Cybersecurity Strategy on Resilience
Business environments have changed continuously since the early days of trading ships on multiyear voyages using barter transactions, to same-day airplane deliveries and payments made by a simple wave of your phone. Resilience is the ability to bounce back from the inevitable “ups and downs”, and to grow and prosper in changing conditions. Make resilience one of the core tenets of your organization’s cybersecurity strategy and you will sleep better—and safer—at night.
To learn more about Cisco Custom Threat Intelligence Service, please visit: http://cs.co/Threat_Intelligence