Cisco UK & Ireland Blog

Seeing is safeguarding: why network visibility is crucial to protecting yourself from cyber-attack

September 25, 2018

There’s a famous phrase that out of sight is out of mind. When it comes to cybersecurity, this has never been more true.

If you can’t see a malware or a hidden piece of code, you won’t know that it’s harming you – and so you’ll let it continue. Today’s hackers are remaining undetected on networks for an average of 100 to 200 days.

But a visible threat is something you can face. That’s why it’s so important to have strong network visibility.

When you have clear insight into your environment – including your attackers’ behaviours and location within it – you can prevent a security event from becoming a full-blown data breach.

And in today’s era of hacking, where the average website is attacked 22 times a day, this has to be a priority. Under such duress, it’s not always possible to keep malicious individuals out. Instead, you have to focus on being able to see what they’re doing if and when they get in.

With this in mind, we’re heading to Cyber Security X at IP Expo Europe, where our experts will be sharing their thoughts on the power of visibility in securing a network. Read on for a sneak preview of what they’ll be talking about.

Employee skills: the basis for security

In any business, your number one asset is your people. The principle is the same when it comes to fending off cyber-attacks.

Businesses need to ensure their workforce has the correct skillset to protect the enterprise from threats. This starts with a Computer Security Incident Response Team (CSIRT).

Incident response teams are worth their weight in gold. All organisations, from the smallest to the largest, should employee at least one trained professional who is responsible for incident response. And it’s important to remember that cyber-security experts are not necessarily incident responders: they need a specific background in high-pressure response scenarios.

Of course in an ideal world every employee would be able to support the incident response team. Even if this isn’t realistic, it’s important that your entire employee base has an awareness of cybersecurity so they know what to look out for to spot a potential attack.

And this awareness extends beyond the computer network and into real life. Insider threat, where an individual within the organisation uses their position to conduct a cyber-attack, is a growing problem. Protect yourself by training managers to look out for and report suspicious employee behaviour to HR.

After all, an informed, engaged workforce is the best defence in the case of a security breach. And even better: well-trained employees are less likely to leave the door open for hackers in the first place.

The rise of the email scam

Today criminals are targeting people with increasingly sophisticated cyber-attacks.

Top of the list stands email spoofing and phishing attacks. Emails purporting to be from someone you know – a colleague, a friend – contain links that send you to malicious websites or encourage you to give up information that could lead to monetary gain for the hacker.

They can be incredibly believable, with the correct names and company logo and a convincing sender’s address. In fact, these scams have become so sophisticated that the Financial Ombudsman has advised that the consumer can’t be blamed for falling for them.

You need to tread a careful balance between allowing employees freedom to do what they need, and policing their behaviour to protect your system. Should your employees be allowed to click on a link that is two hours old?  How can you protect employees when they are off-net?  These are questions businesses have to face – and fast.

AI powered cybersecurity

Technology has developed to such a degree that we’re starting to see machines capable of thinking for themselves (artificial intelligence). Unfortunately, the cyber-criminals have realised this too.

Hackers are using highly developed technologies like AI and machine learning to conduct advanced attacks on businesses, leading CSOs online to call 2018 the ‘year of the AI powered cyber-attack’.

But businesses can also use these technologies to counteract hackers. Machine learning is a particularly useful tool when it comes to threat detection, since it can analyse normal patterns of behaviour, and notice when there’s an anomaly – which normally suggests something suspicious is going on.

In the distant future, it’s possible that cybersecurity and cyber-defence will just be a fight between machines.

Nowhere to hide

Firewalls, intrusion detection, endpoint protection, and other security solutions can handle 99% of the risks. But there will inevitably be 1% that gets through – and you need to spot it when it does.

This is where network visibility comes in. You need technology that provides oversight of the network in its entirety – not just the north-south traffic, but the east-west too. And this extends into visibility into the internet, since you need to understand what your employees might be clicking on or downloading.

A threat that goes unseen will go undefeated.

But network visibility – alongside well trained staff and the new technologies like AI – will see you right.

Come and visit us at IP Expo Europe to find out more about how to secure your business from cyber threats.

Leave a comment