Protecting your business assets — data, devices, programs, infrastructure, and people — requires a 24/7 approach that blends protection, detection, and resolution capabilities. The latter two are critical, because it’s not a question of whether you’re going to be the victim of a cybersecurity problem, but when.
And while the focus on and commitment to cybersecurity is growing, the threatscape continues escalating, with the bad guys always a step ahead. As the saying goes: They only have to get it right once; the good guys have to get it right every time.
There is progress, said Kevin Walker, security CTO, Juniper Networks. “Cybersecurity is becoming more secure. It’s not secure, but it’s becoming more secure.”
Making your network more secure starts with understanding that your data is valuable and therefore vulnerable. The growing volume of breaches and the professionalism involved by the thieves, including cybercriminals, rogue governments, and disaffected and/or sloppy employees, means prevention is not enough.
Good cybersecurity prevention or perimeter solutions provide a 99.9% or higher detection rate for common malware. Unfortunately, that’s not good enough. “To be brutally honest we are in a fight of our digital lives and we are not winning,” said Rep. Michael McCaul, R-Texas, chairman of the House Committee on Homeland Security, at the recent RSA Conference.
Last year more than 4 billion records were exposed by breaches. Malicious email campaigns skyrocketed in 2016: Q4’s largest campaign was 6.7 times the size of Q3's, and social media phishing attacks increased 500% year-over-year. Cyberattacks were estimated to cost companies about $400 billion. That number is expected to quadruple to $2.1 trillion by 2019, and triple again by 2021 to $6 trillion annually.
The sheer volume of security alerts and alarms are burying cybersecurity staffs:
• 44% of security operations managers see more than 5,000 security alerts per day;
• On average, organizations investigate only 56% of the security alerts they receive on a given day, with half of the investigated alerts deemed legitimate;
• 80% of organizations receiving 500 or more severe/critical alerts per day currently investigate fewer than 1% of them.
So the next step in protecting your business assets is prioritizing your data: What information is absolutely essential to your day-to-day operations, and what is less critical. Next, plan and build a cybersecurity framework that ensures information is protected, and that detection and resolution capabilities are in place to keep that data secure, no matter what.
Your network must be at the foundation of your cybersecurity framework because it increasingly touches every aspect of your business.
Juniper Networks’ approach to cybersecurity centers on its Software-Defined Secure Network (SDSN), a platform that combines policy, detection, and enforcement with a comprehensive product portfolio that centralizes and automates security. It leverages cloud economics to find and stop threats faster, and provides end-to-end network visibility that secures the entire network — physical and/or virtual.
Looking ahead, your cybersecurity strategy must match the speed and agility of the emerging digital economy and growing threatscape. That means automating as many manual activities as possible.
“If we can’t execute without human intervention, we’re going to lose,” Juniper’s Walker says. “Automation is critical to the SDSN narrative.”
When it’s no longer a question of if but when you will be attacked, it comes down to: Are you spending your money wisely, or are you just spending your money?