Made-for-Midmarket Cybersecurity
Midsize organizations face the same cybersecurity challenges as their larger counterparts and require the same robust security solutions to protect their customer and employee data. Unfortunately, they typically face even greater restraints when it comes to resources, budgets, and IT staff.
Organizations cannot afford to leave gaps in protection because sophisticated attackers will exploit any gap, regardless how small. At the same time, adding complexity and gaps with disparate security solutions that are not integrated will not deliver the level of protection required against advanced threats.
To deal with their biggest challenges, midsize companies need a simple and scalable threat-centric security model, meaning focused on the threats themselves in addition to defining policy or controls. Read more.
Sincerely,
Marc Solomon,
Vice President, Security Marketing, Cisco
- Strategies for Dealing With Advanced Targeted Attacks
- Jeremy D'Hoinne | Lawrence Orans
- 6 June 2013
- Targeted attacks, often called APTs, penetrate existing security controls, causing significant business damage. Enterprises need to focus on reducing vulnerabilities and increasing monitoring capabilities to deter or more quickly react to evolving threats.
Key Challenges
- The term "advanced persistent threat" (APT) has been overhyped in the press, distracting organizations from evolving their security controls and processes.
- The major advance in new threats has been the level of tailoring and targeting.
- Advanced threats are using targeted attacks to get past standard levels of security controls.
- Poor security practices and unmonitored employee behaviors can undermine the efficiency of advanced threat detection technologies.
Recommendations
- Assess your existing defenses and identify missing or obsolete layers and unmonitored systems.
- Focus on upgrading critical security processes regarding vulnerability management, continuous monitoring, and incident response to reduce the attack surface and potential damages.
- Plan for the implementation of "lean-forward" solutions and processes to deter or rapidly react to advanced threats.
- Put equal efforts on processes and technologies when mitigating APTs.
The term "advanced persistent threat" was coined by the U.S. military to refer to a specific threat actor (China). It was expanded to include other aggressive nation states, but has been co-opted by the media and by security vendors to hype the source of an attack. This distracts from the real issue — focusing on the vulnerabilities that the attackers are exploiting.
Cisco Content
Cisco delivers intelligent cybersecurity for the real world. Cisco's threat-centric approach to security reduces complexity. We provide unmatched visibility, consistent control and advanced threat protection across the entire attack continuum – before, during, and after an attack.
Learn about the latest security threats and strategies highlighted in the Cisco 2014 Annual Security Report.
- Next Generation Firewalls
- Cisco ASA 5500-X Series: Why Upgrade? – White Paper
- Strengthen Network Security with a New Firewall – Trade-In Promotion
- Top 10 Considerations When Buying a Next-Generation Firewall – White Paper
- Manage your Network Security As Threats Evolve – Blog
- Email Security
- Advanced Malware Protection on Email Security – At-A-Glance
- Mitigating Email and Web Threats – White Paper
- Email Security Appliance – At-A-Glance
- Web Security
- Advanced Malware Protection on Web Security – At-A-Glance
- Cognitive Threat Analytics on Cloud Web Security – At-A-Glance
- Cloud Web Security – At-A-Glance
- Manufacturing Company Mitigates Against Global Cyber Threats with Cloud Web Security – Case Study
- Data Center Security
- Security Now or Pay Later: The ROI of Protecting Your Data Center – Infographic
- Secure Data Center Solution Spurs Economic Growth – Case Study
- Data Center Dinosaur: Adapt or Die – Article
- Identity Services Engine (ISE) – At-A-Glance
- Cisco TrustSec Policy-Defined Segmentation – Video
