There is no one-size-fits-all solution to the diverse and nuanced security issues, say Avi Corfas, Vice President, Asia-Pacific & Latin America, and Sridhar Namachivayan, Regional Director, South East Asia, Skybox Security
You know the story — a werewolf on a rampage, tearing through an otherwise quiet hamlet. Unstoppable bloodlust and super-human strength that all the pitchforks and flaming torches can’t beat. And just when all seems lost, a silver bullet brings down the beast.
We’ve entered the era of Cloud but haven’t left behind the traditional data center, which means that security teams have to address legacy systems and cutting-edge innovations with the same resources.
If only cyber security is so easy. Sadly, the best solutions available are the ones that offer continuous maintenance of the problem, but can never make it go away entirely — your attack surface can be reduced, but it won’t disappear. Yet, we keep searching for that one magic solution.
New technologies and enabling new business services expand and shift the attack surface daily. Silver bullet solutions have failed to deliver on their promises to crack these issues, though it has less to do with bad products and hinges more on misunderstanding the enemy. We’re not facing a lone wolf; we’re facing a barrage of diverse attacks on an ever-changing battleground.
The new threat
“The security challenges of recent decades have only grown more complex,” says Avi Corfas, Skybox VP for APAC and Latin America. “We’ve entered the era of Cloud but haven’t left behind the traditional data center, which means that security teams have to address legacy systems and cutting-edge innovations with the same resources. There is no one-size-fits-all solution to such diverse and nuanced security issues.”
Cyber threats have mutated and evolved in ways we never thought possible, like hacking into a healthcare system through an X-ray scanner or broadcasting a carhack over the radio. In the age of such diverse and sophisticated attack vectors, we must once and for all kiss the idea of the silver bullet goodbye; not only because the silver bullet is a security myth, but because it’s not what we really need.
Commanding your arsenal
Studies show us time and time again that most data breaches are preventable with standard security controls or good ‘cyber hygiene’ (i.e., users not clicking on strange links or pdf in emails). An Online Trust Alliance report showed that of the more than 1,100 breaches in 2014, 29 per cent were due to lack of internal controls resulting in employees’ accidental or malicious events, such as lost or stolen devices and documents. Similarly, in Verizon’s 2012 Data Breach Report, a whopping 97 per cent of breaches could have been avoided with simple or intermediate controls.
Will a simple or intermediate control stop a highly sophisticated attack? Maybe, not. However, any network control not properly implemented won’t stop even a simple attack, regardless of how cutting-edge it may be. Without a full understanding of your controls—both how they work individually and collaboratively— you’ll never achieve effective protection.
In order to put together the puzzle of your security controls, you have to be able to see them.
Visibility mightier than bullet
Using advanced network modeling not only brings your network into view, but also understands the relationships between its features — firewall rules, routing information, access policies, and more. Network models simulate your unique environment daily without adding traffic to the network, and enable ongoing security assessment tasks like scanless vulnerability discovery, continuous policy compliance checks and automated rule recertification. Combining this context-aware data gives you on-demand intelligence for effective, rapid response.
Network models also act as a testing arena to perform risk assessment of proposed firewall changes, discover vulnerable attack paths and determine potential exploit impact. These advanced tasks provide a deeper level of network intelligence and give you immediately usable action items.
For instance, enabling access from one point to another is a fairly common occurrence in any network. However, this problem scales exponentially with the size of the network. The first issue encountered is identifying the firewall (or firewalls) that need to be changed and what rules need to be added or modified. Assuming you won’t go adding the changes on a whim, the next thing you need is to assess if there is any potential risk imposed by exposing previously inaccessible vulnerabilities or allowing access to restricted zones. Finally, you need to confirm that the access implemented truly fulfills the intention of the original request.
The knowledge derived from total visibility of your network gives you command over threat- fighting tools already in your arsenal.
These three basic steps of a common network issue might be manageable in a small organisation, but require near-Herculean effort in a large enterprise network. Leveraging a network model allows you to quickly analyse even the most complex networks and make secure changes that meet with the constant stream of business needs.
Harnessing the power
Visibility alone isn’t enough to fend off advanced attacks. However, solutions that analyse and utilise that information empower focused protection. With in-depth understanding of your network and attack surface, the next generation of security solutions don’t just provide a tool — they tell security teams explicitly how, when and where it is best to deploy them; they integrate with other systems to optimise their capabilities and efficiency; and automate tasks that distract from strategic security initiatives, like compliance monitoring, auditing and reporting.
“The knowledge derived from total visibility of your network gives you command over threat-fighting tools already in your arsenal,” says Sridhar Namachivayan, Skybox Regional Sales Director for Southeast Asia. “Centralising this command, automating appropriate tasks, predicting risk before a change is made, and easily tracking those changes and remediation efforts to make sure your security efforts have the intended results — all this is only possible with a comprehensive understanding of your network and attack surface.”
With that level of intelligence, you can strategically combine your defences, and then you’ll have your own silver bullet to fight off the attacks that is unique to you and your needs.