It’s Time To Think Out-of-the-box About Cybersecurity


“I could end the deficit in 5 minutes. You just pass a law that says anytime there is a deficit of more than 3% of GDP, all sitting members of Congress are ineligible for re-election.” - Warren Buffett

I think it’s safe to say most of us know of Warren Buffett, the popular billionaire business mogul, investor, and philanthropist. Years ago, as Congress struggled to resolve the debt ceiling fight on Capitol Hill, the stock market plummeted and economic growth stalled. Though the quip made by Buffett was humorously sarcastic, this highly successful American icon has often verbalized ideas that are “out-of-the-box”.

Tough situations often require stepping outside of established or expected patterns and procedures when the norm simply isn’t the best solution. For example, myriad individual security products have provided much-needed security solutions for protecting enterprise assets. However, time has revealed that disparate and siloed products have led to complexity and security gaps. There is a current movement to eliminate individual security product sprawl throughout enterprises and adopt innovative agile solutions that promote integration and cohesion.

Unified cybersecurity platforms are replacing siloed security products

Unified cybersecurity platforms are now available that correlate diverse protection measures within a single platform and dashboard to overcome security holes, the lack of 360-degree visibility, and undue complexity caused by single-function products. Security analysts and forensic investigators are empowered with automated and rapid results that proactively protect IT assets, rather than reacting to false positives and non-priority events. Unified cybersecurity platforms collect, process, and preserve security data through multiple security capabilities. These can include endpoint security, email security, privileged access management (PAM), Zero Trust Network Access (ZTNA), deception technology and other security functions.

Sometimes it’s difficult to see outside of the box when complex walls are blocking our view, and some enterprises may be latecomers to the unified cybersecurity party. Unified cybersecurity platforms have made tremendous gains in the past 12-18 months. Let’s take a look at some of the issues driving the adoption.

Vital elements for defending against known and unknown cyberattacks

  • No single product is capable of solving all cybersecurity challenges. In fact, as an increasing number of individual security products are added to the IT ecosystem, they make managing and mitigating threats more cumbersome and complex. In response, we’re now seeing many of the most forward-thinking organizations adopt a unified approach.

To secure digital resources and protect data, these platforms protect legacy systems, remote workforce endpoints, and multi-cloud apps and infrastructure. With embedded multi-function security capabilities, they support an ecosystem that synergistically and efficiently addresses the frequency, complexity, and rapidly changing nature of cyberattacks. A single dashboard can forensically map multiple attack vectors and coordinate analytics, machine learning, behavior analysis, and privileged access, enabling a zero trust model to support a highly effective cybersecurity posture.

  • Email remains the leading source of malicious actions inflicted on enterprises. Robust endpoint-based email security, complemented with security awareness training, can reliably and consistently thwart attacks. The most advanced email scams are page impersonation attacks. This is where hackers use a common app like Office 365. They create a fake Office 365 login page and author custom emails that are sent to employees. Impersonation attacks take advantage of human errors in judgment. When employees unwittingly open and respond to the emails, they can provide hackers with their credentials and open access to the corporate network.
  • Endpoints are a primary target for cyberthreats. Protecting against malware, ransomware, and fileless exploits requires NextGen advanced endpoint protection administered through a security solution that detects and blocks known and unknown malware.

Microsoft Windows software drivers are becoming a critical exploit target for hackers. These malware attacks can be the most devastating an organization can experience. Hackers use drivers to gain entry into a computer’s operating system and kernel. Once in, they can cause massive damage. They can remain undetected within a system for as long as they need, before unleashing their payload. Not only are they dangerous because of the damage they can inflict, they’re also almost impossible to detect and remove. In most cases, the only way to completely remove this type of malware is to delete the operating system and rebuild it. Known as rootkit malware, it requires specialized anti-rootkit software that detects, prevents, and removes the malware.

  • Privileged accounts are ripe pickings for hackers. When they obtain a privileged user’s credentials, they can park their malware on a mission-critical server and wait for the perfect time to laterally move throughout the network and infect whatever devices and applications they want. Privileged access management (PAM) is a business-critical security capability for protecting admin accounts. Controlling access is accomplished by implementing the principle of least privilege.
  • With the widespread remote workforce and third-party access requirements to network resources, applications and data, organizations are looking to expand their access security protocols beyond traditional VPNs. Assuming that simply providing VPN credentials to remote workers and third parties will ensure remote access security is not a viable solution. Establishing a zero trust network solution will deliver the secure access needed for the growing contingents of remote users.
  • Combating stealth with deception solutions will catch bad actors and malicious employees that represent insider threats. Deception solutions deploy server-based honeypots with credentials deployed throughout endpoints and servers to help alert administrators to malicious activities occurring within the network.
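
The alerting side of the decoy credentials described in the last bullet can be sketched as follows. This is an added example, not part of the original article or any vendor's product; the log format, account names, hosts and addresses are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed decoy accounts: planted on endpoints and servers, never used by staff.
DECOY_ACCOUNTS = {"svc_backup_adm", "sql_report_ro"}

# Constructed sample authentication log in an assumed key=value format.
SAMPLE_LOG = """\
2024-05-01T09:12:03Z host=ws-114 src=10.0.4.23 user=jsmith result=success
2024-05-01T09:14:41Z host=fs-02 src=10.0.4.77 user=svc_backup_adm result=failure
2024-05-01T09:14:58Z host=db-01 src=10.0.4.77 user=sql_report_ro result=success
2024-05-01T09:20:10Z host=ws-201 src=10.0.5.9 user=mlee result=failure
2024-05-01T09:31:27Z host=hp-srv-01 src=10.0.4.77 user=svc_backup_adm result=success
"""

FIELD = re.compile(r"(\w+)=(\S+)")
REQUIRED = {"host", "src", "user", "result"}


def parse_line(line):
    """Return one event dict, or None for lines that do not match the format."""
    parts = line.split(None, 1)
    if len(parts) != 2:
        return None
    event = dict(FIELD.findall(parts[1]))
    event["time"] = parts[0]
    return event if REQUIRED <= event.keys() else None


def decoy_alerts(log_text, decoys=DECOY_ACCOUNTS):
    """Group every use of a decoy account by source address.

    A failed attempt is as alert-worthy as a successful one, because no
    legitimate user or service ever authenticates with these accounts.
    """
    by_source = defaultdict(list)
    for line in log_text.splitlines():
        event = parse_line(line)
        if event and event["user"].lower() in decoys:
            by_source[event["src"]].append(event)
    return [{
        "source": src,
        "first_seen": events[0]["time"],
        "accounts": sorted({e["user"].lower() for e in events}),
        "hosts": sorted({e["host"] for e in events}),
        "any_success": any(e["result"] == "success" for e in events),
    } for src, events in sorted(by_source.items())]


if __name__ == "__main__":
    for alert in decoy_alerts(SAMPLE_LOG):
        print(alert)
```

Grouping by source shows the spread across hosts in a single alert, which is what an analyst needs to scope possible lateral movement.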

As is often the case with people, specialized technology solutions working together can achieve more than what can be accomplished with each solution working independently. Endpoint security, email security, privileged access management, zero trust networking and deception technology all have their strengths. But when you fuse them together, they produce a far greater cumulative strength.

The time has come. IT and security leaders are climbing out of the box, and using cost-effective, flexible and scalable unified cybersecurity platforms that protect their organization’s digital resources and data.

License: You have permission to republish this article in any format, even commercially, but you must keep all links intact. Attribution required.