Historically organisations have invested in protecting themselves against Cyber security threats, as each threat has become apparent investment has been in specific security technologies. Along the way security teams have been established to deploy, configure and act on information regarding threats. But vastly increasing amounts of attempted hacking has rendered this historical approach so unworkable that we believe organisations can be divided into two camps – those that have been breached and those that don’t yet know it.
The harsh reality is that for most companies a multitude of different vendor technology solutions are deployed in a discrete manner with little or no integration (50+ in most organisations). This makes it nigh on impossible to protect against determined sophisticated attacks.
https://www.youtube.com/watch?v=RyaTRgbxC6g
The situation is compounded by a global shortage of trained cyber security professionals, Cisco’s 2016 Annual Security Report found a global shortage of 1M people. This demand for skills means that many organisations are struggling to attract and retain staff. Accepting that breaches are common we need to think about security in a completely different way and to encourage board responsibility the EU General Data Protection Regulation (GPDR) was passed on 14th April. In essence this provides citizens with a greater say in how their data is handled by private organisations. It lays out clear guidelines for how EU citizen’s data is to be handled and their continued rights to it once the data is in private hands, additionally it limits how data can be transferred across borders by the security services. Furthermore the GPDR comes with mandatory requirements for the reporting of breaches within 72 hours, fines can be up to 4% of turnover or €20M – whichever is the greater.
So approaches to security need to start with a continual process to prioritise risk as relevant to each organisation with an appropriate structure of resource to mitigate, report and take action. Technology platforms need to be unified and contextual analytics deployed across this architecture to help both block and identify both attacks and any subsequent breach. Cisco are increasingly helping customers improve their approach through advisory services which help implement best practice, this may ultimately still be resourced within each customer but is more likely to use other Cisco services to assist.
Talos is the internal global security team within Cisco and takes information regarding security threats from across the globe. This means that whilst the industry average to detect a breach is between 100 and 200 days Cisco’s average across the internal organisation and all customers of Cisco security solutions is 17.5 hours, with strenuous efforts being deployed to reduce this still further.
Cisco security architecture may comprise a number of what are independent technologies from others working harmoniously to detect, report and remediate attacks. This technology is integrated within Cisco Networking and Data Center technology as security can no longer be considered as something to add to data architecture, but works within it increasingly with automated policy.
The common approach to security from a technology point of view has been to restrict things like access and usage, and so in effect inhibit users. In the drive to digitise we can build security process and systems to enable digitisation and embrace and support authorised users access. The solution is to turn cyber security on its head – thinking about it from a threat centric viewpoint having prioritised risk and ensuing appetite. We can provide both services and technology to support this.
See why there’s never been a better time to feel fearlessly secure here.
Authors
