The news last week that the US government’s Office of Personnel Management has been hacked, with the most sensitive personal information of over 4 million federal employees leaked, stands as arguably the most significant data breach ever. It will likely take some time for the full details of this attack to emerge. However, I’m willing to bet that it all started with a targeted phishing email.
Cloud Security Enables a Secure Foundation for the Internet of Things
When we think of the internet, we typically think of a diverse network enabling users to access information and applications from personal computing devices. However, we are now seeing an explosion in the volume of machine-to-machine interactions occurring across the internet. Products from home appliances to cars and industrial equipment are rapidly evolving into connected, smart, network-enabled systems that interact with users, with each other, and with other connected services to vastly expand their functionality. This world of internet-connected devices is often referred to as the Internet of Things (IoT).
A Move From Alert-Driven to Intelligence-Driven Security
One of the unfortunate by-products of the proliferation of point products within the CISO’s environment has been an avalanche of security events and alerts, making alert overload one of the banes of the modern CISO’s existence. In fact, a whole new category of products and services has grown up to attempt to bring order to this chaos (referred to as Security Information and Event Management, or SIEM). However, managing security through alerts has been described as being analogous to driving a car down a busy highway at night by looking through a frosted rear-view mirror: it is not only misleading, but likely to end in disaster for all involved!
Just a few months ago a senior executive at one of the world’s largest security companies let slip in an interview that “anti-virus is dead”. This was a rather embarrassing admission from a company that makes the bulk of its revenue from legacy anti-virus technology! Nevertheless, the point is actually valid: today’s cyber threats have outstripped the capabilities of old-school signature-based anti-virus.
So what does this mean for how we secure endpoint devices, which, after all, are the access point through which users access the critical data and applications that the security industry is tasked with protecting? In the third of my predictions for the future of cloud security, I explain how a new approach to endpoint security has a central part to play in how we protect networks, data and assets in 2015.
Last week I posted the first of my five predictions for the future of cloud security. This week, I am focusing on a very interesting transformation that has already begun in the way that enterprises will implement and use cyber security technologies.
Enterprises will Favor Integrated Cloud Services vs. On-Premise Point Solutions
Today’s CISO is faced with an overload of point products (NAC, IDS, IPS, Endpoint Security, Web Gateway, Next Generation Firewall and APT to name just a few) provided by a plethora of vendors. These products are typically deployed in some on-premise configuration and tend to be difficult, if not impossible, to integrate – resulting in severe visibility limitations across the organization’s security posture. At best, the CISO gets to see individual pieces of the security puzzle – which is tantamount to flying blind through very dangerous territory. The CISO thus has no choice but to adopt a highly reactive security posture due to this lack of visibility and control.
We are excited to announce the continued expansion of the iSheriff global cloud security network with the launch today of new cloud data centers in Sweden, Chile and Russia, and the expansion of additional data centers in Italy. This expansion, driven by increasing demand for iSheriff’s services in Europe and Latin America, ensures unmatched secure access and roaming coverage for iSheriff customers and partners. The iSheriff cloud security network now provides more than 1,000 access points worldwide, with multiple levels of redundancy and replication to ensure an extremely high level of performance and scalability.
As we approach the end of the year, at iSheriff we are thinking a lot about the outlook for 2015 and the longer-term future of cloud security.
The cloud has been widely hailed as the most disruptive force in modern business. Indeed, the world is in the midst of fundamentally profound transformations, enabled by the cloud, in the ways in which we access and interact with data and applications. Unfortunately, the security industry has not kept pace with these transformational trends, necessitating an equally profound change in the way we secure modern businesses against cyber-attack.
Over the next several weeks I will be sharing my predictions for five dramatic changes that are coming in enterprise security.
I invite you to join in the conversation!
A new virus has just been identified that is specifically targeted at small and medium-sized businesses (SMBs) in the UK. This attack is initiated as a highly targeted phishing email that purports to be tickets to a theatre performance of Peter Pan. Attached to the email is the “ticket”, which is actually a malicious payload. Once opened, the payload installs malware that spiders out across all devices on the same network, replicating itself and collecting user names, passwords and other sensitive information from the infected devices. The compromised information is then sent to a command server in Eastern Europe.
Why is this attack targeted at SMBs? Although we don’t know for sure without speaking with the cyber-criminals behind this attack, it is a pretty safe bet that the criminals view SMBs as a soft target. The threat landscape is becoming more challenging by the day; the volume of intrusions is increasing, and attacks are becoming more sophisticated and targeted. We tend to think of cyber-threats as a phenomenon that affects large enterprises and government entities: organizations that have the capabilities, staff and resources to buy the latest security products and figure out how to get them to work together. The reality, however, is that SMBs are faced with exactly the same cyber security challenges as their larger brethren, but don’t have the budgets or manpower to adequately address the threat. The cyber-criminals know this and have turned their attention to attacking these less-defended targets.
In just the last few years we have become a world of roamers. Unlike the romantic notion from the past of a world traveller roaming the globe in search of exotic adventures, today’s roamer is the rather more mundane knowledge worker shuttling from the office to a client site, perhaps hopping on a wi-fi network at a coffee shop or in a hotel. Our historic adventurer knows to get vaccinated in advance against the very real risk of infection in the wild blue yonder. So we are led to reasonably ask why the modern mobile cloud roamer doesn’t take a similarly pragmatic approach to risks of wandering unprotected into the cyber-unknown.
Organizations spend billions of dollars to protect their networks against outside threats. JP Morgan Chase, which was recently the victim of a significant and high profile breach, spends over $250 million a year on security. Despite all of this investment, the attackers are still getting through the defensive perimeter and wreaking financial and organizational havoc.
Today’s security landscape looks nothing like it did even just 18 months ago. Successful attacks against leading brands have come to light and the methods employed in those attacks are astonishing. As industry defenses have increased, so has the sophistication of the methods attackers use to defeat them. Unfortunately, there’s been another increase as well – an increase in the security gaps created by disjointed point products, lack of security expertise and the sheer volume of attacks being deflected. With all of this, is there such a thing as zero-gap protection?
The threats organizations face today are relentless. Attacks are more sophisticated, but not every organization has the resources to match them. Making this challenge worse, the network perimeter has been replaced with an interconnected set of systems and ‘common-use’ networks, making it nearly impossible to identify where the network’s edge lies.