In the new world, your old security strategy won't work
- 03 May, 2018 16:10
While the old proverb about living in interesting times was intended as a curse, periods of change are also a time where new opportunities arise and can be exploited. When it comes to security and privacy, we are living in a rapidly changing world. New regulations and laws are being enacted all over the world like the Australian National Data Breach notification scheme and New Zealand's new breach reporting rules. And perhaps the most wide-ranging and comprehensive set of laws comes from the European Union and the new General Data Protection Regulation (GDPR).
What makes things even more 'interesting' is the need for businesses to be, not only aware of the various regulatory regimes, but have systems in place to accommodate all their different needs.
At the heart of the different laws that have been enacted internationally is a desire to protect personal identifiable information. In order to do that, in a world where more devices and people than ever are connected to our networks, businesses need to rethink how they protect data, monitor network activity and ensure that they operate in a way that is compliant with the laws relating to the Personally Identifiable Information (PII) they hold.
Breaking those laws can lead to significant financial penalties. In New Zealand, the new rules can lead to fines of up to $10,000 with Australian penalties exceeding $1,000,000 and the GDPR dishing out the stiffest penalties, of up to €20,000,000 or 4% of global revenues.
However, the financial penalties can pale in significance when you consider the damage a breach can do to a company's reputation. In Australia, the contractor involved in the accidental leaking of personal data from the Red Cross Blood Bank saw their business collapse, less than a year after their involvement in that incident was revealed.
Data protection goes further than merely a set of regulatory obligations. Sharad Mistry, a cybersecurity expert with Cisco explains.
"Data protection is the process of safeguarding important information from corruption, compromise or loss. The importance of data protection increases as the amount of data created and stored continues to grow at unprecedented rates. There is also little tolerance for downtime that can make it impossible to access important information".
Armed with that understanding, you can start to create strategies to mitigate the risks
Breaches can happen as the result of all sorts of different activities. One of the most infamous "megabreaches" was that of Target in the United States during 2013. Attackers gained access by compromising the user account of an air-conditioning mechanic working for an external contractor. The attackers spent many weeks in Target's systems probing the network until they reached the point of sale systems.
And, a recent attack on a US casino started when an attacker compromised a network-connected thermometer in a fish tank, highlighting how even the simplest connected device can become a point of ingress for a motivated threat actor.
Understanding these sorts of threats and potential attacks is one of the key drivers for the Cisco Talos team.
"Talos is an industry-leading threat intelligence team made up of experienced threat researchers supported by advanced systems. They detect, analyse, and protect against both known and emerging threats. Talos is backed by sophisticated infrastructure and systems that provide visibility and analysis of Cisco telemetry data," said Mistry.
The very idea of a network border is challenged when you consider the number and range of potential connections to a network.
While older protection methods like firewalls and end-point protection remain useful, they are not enough when you consider volume of network traffic and the number of potential threats facing today's businesses. This is why you need people who understand networks and understand cognitive systems that can apply intelligence to the monitoring of network activity.
In the past, security was often considered a "bolt-on" feature that was added through appliances and software. That no longer works. Businesses need to design their networks with security as a cornerstone component. That goes for everything from wireless access points, to switches and routers, to monitoring systems and tools to automatically alert security teams and start the job of quarantining compromised systems and remediating any potential damage.
Cisco's long pedigree in building network equipment puts it in a great position to integrate that kind of security into your network. Along with a number of strategic acquisitions such as OpenDNS (renamed Umbrella), CloudLock, Sourcefire, Lancope and Observable Networks, Cisco has been able to, along with their continued investment in the Talos Security Intelligence and Research Group, help create a network that is secure by design.
At the upcoming Imagine18 event, being held in Wellington on May 17th, Cisco will be delivering topical seminars, starting with Secure intelligent networking for digital business from Cisco Meraki, Cisco’s innovative intent based networking strategy followed by their secure branch solution. In addition, the company will be demonstrating Cisco’s cloud security product - Umbrella.
You can register here for Imagine18