The web has become a popular source of attack, and web security is a vital part of keeping your business safe. Hacking is now a recognized industry, and criminal enterprises are more sophisticated and better connected than ever. Attacks are always changing, becoming more damaging and harder to detect.
Five requirements when considering Web Security:
- Protection Across the Attack Continuum—Before, During, and After an Attack
- Flexible Deployment Options
- The Capability to Protect Sensitive Data and Prevent It from Leaving the Organisation
- Reduced Risk Through Robust Controls
- Quick Identification and Remediation of Zero-Day Attacks
Requirement 1: Protection Across the Attack Continuum—Before, During, and After an Attack
In today’s threat landscape, where the security perimeter has been pushed to the cloud and data is a prime target for attack, the chance of a compromised network is essentially assured. Organisations must therefore be prepared to address a broad range of attack vectors with solutions that operate everywhere a threat can manifest itself—on the network, on endpoints, from mobile devices, and in virtual environments.
Requirement 2: Flexible Deployment Options
The “Cisco Security Manifesto,” introduced in the Cisco 2015 Annual Security Report, outlines several basic principles for achieving “real-world security.” One principle: “Security must work with existing architecture and be usable.”
To be truly effective, a trustworthy security solution must fit into your existing infrastructure, reducing the need to “rip and replace” infrastructure and technologies. It must also adapt and scale to provide the same level of protection as your company grows and changes.
Requirement 3: The Capability to Protect Sensitive Data and Prevent It from Leaving the Organisation
Cisco Talos research suggests that organisations may not be able to prevent all malware from infiltrating their networks. However, modern content security solutions can help reduce the chance that critical data will leave the network either by accident or by design. Enterprises need solutions that can scan all inbound and outbound web traffic in real time for both new and known malware, and that apply dynamic reputation and behaviour-based analysis to every piece of accessed web content.
Requirement 4: Reduced Risk Through Robust Controls
Today’s organisations need advanced control over dynamic web content and applications for all users regardless of location. As they expand their use of the web for competitive advantage, organisations also increase their exposure to tangible risks that can undermine data security. Some of the most sophisticated web-based threats are designed to hide in plain sight on legitimate and well-trafficked websites and serve up data-stealing malware to unsuspecting users.
Blocking websites is not practical or realistic in today’s Web 2.0 world, but blocking features is. Content security solutions that offer application visibility and control help administrators create and enforce detailed policies within websites that contain embedded applications—without hindering workforce productivity or burdening IT resources. This helps organisations reduce their exposure to web-based malware and prevent data loss.
Requirement 5: Quick Identification and Remediation of Zero-Day Attacks
It’s no longer enough to focus solely on the perimeter with point-in-time solutions that have the capability to scan only once for suspicious activity. Today’s threats change with time, evading detection by point-in-time solutions.
Identifying zero-day attacks requires big data analytics that examine data on users and traffic over time and can flag suspect behaviours. Discreet attacks over time have become the norm, and organisations must be prepared to identify threats given this dynamic.
Furthermore, if a threat is identified after it has evaded the initial defences in a network, organisations need to have the retrospective capabilities to “turn back time” and eliminate the malware in all infected devices.
To protect their data, networks, and users, today’s organisations need a threat-centric security model. They must be able to address the full attack continuum across all attack vectors and to respond at any time, all the time, in a continuous fashion—before, during, and after an attack.
Cisco Web Security – With Cisco web security, organisations can monitor and control data flowing into and out of the enterprise. Cisco’s advanced threat defence starts with the work of Talos. Composed of leading threat researchers, Talos is the primary team that contributes threat information to the Cisco Collective Security Intelligence (CSI) ecosystem, which includes Cisco Threat Response, Intelligence, and Development (TRIAD); Cisco Managed Threat Defense; and Security Intelligence Operations. Cisco CSI is shared across multiple security solutions and provides industry-leading security protections and efficacy.
Cisco Cloud Web Security – As a cloud-delivered web security solution, Cisco Cloud Web Security (CWS) offers extensive SaaS. Deployment is simple and fast. No maintenance or upgrades are required. With Cisco CWS, administrators can set and enforce specific web-use policies across the entire environment. Users can connect Cisco CWS to their existing infrastructure with flexible network integration options.
Cisco Cognitive Threat Analytics – Organisations that use Cisco CWS can further enhance their threat-detection capabilities with Cisco Cognitive Threat Analytics (CTA), a cloud-based solution that reduces the time to discovery of threats operating inside the network.
Cisco AnyConnect VPN – Cisco AnyConnect® VPN technology provides information on user identity and location, device operating system and version, and user access privileges that help enable Cisco next-generation firewall solutions to enforce network access based on context.
Cisco Advanced Malware Protection – Cisco Advanced Malware Protection (AMP) combines the cloud security intelligence of Cisco and Sourcefire (now part of Cisco). Cisco AMP’s integrated capability spans Cisco FirePOWER™ network security appliances, endpoint protection for PCs, Cisco email security, Cisco web security, Cisco Cloud Web Security, and mobile and virtual systems.
Robust web security solutions, like those from Cisco, are a core component of a modern content security strategy because they rely on real-time intelligence; provide precise access control; and are content, context, and threat aware. With Cisco security solutions, you are protected across the entire attack continuum.
Cisco service offerings are available to help you assess and deploy your security solution quickly and cost-effectively. Our portfolio includes professional and technical support services as well as assistance in planning, design, and implementation.
by Matthew Cooper, Comms Express