Today s Cybersecurity Technology: Is Your Business Getting Full Protection?

Transcription

1 A WHITE PAPER SDX Technologies Today s Cybersecurity Technology: Is Your Business Getting Full Protection?

2 1 Today s Cybersecurity Technology EXECUTIVE SUMMARY Information technology has benefited virtually every business in the 21 st century. But cyber criminals are also using this same technology to steal assets and disrupt operations. Cybercrime is on the rise and poses even greater danger as the world becomes more interconnected through cloud technology, drones, and the Internet of Things (IoT). These security breaches result in lost revenue, lost employment, lost intellectual property, damaged reputation, health and safety concerns from counterfeit products, lost investment for research (R&D), and delays or interruption in production. While businesses are spending billions of dollars each year on cybersecurity, hackers, criminals, terrorists, and nation-states continue to find new ways to penetrate IT security shields. This white paper outlines major flaws in existing cybersecurity technologies, including: Slow-to-react security responses Lack of scalability Too much emphasis on intrusion-centric security systems Difficult-to-manage technologies In addition, this white paper details important features that can be found in an ideal IT cybersecurity solution ( security technology nirvana ), such as: Security in depth Real-time DPM 5GL surveillance Administrative controls protection Easy data back-up After reading this white paper, business executives and IT managers can make better-informed decisions about adopting new IT security technology that will better protect their companies from cyber threats.

3 2 Today s Cybersecurity Technology THE GROWING THREAT OF CYBERCRIME Information technology has changed the world as we know it. The big data revolution has helped businesses to become more efficient, profitable, and interconnected. In the 21 st century, no company can afford to do business without information technology. However, a diverse cast of cyber criminals are using these same technological tools to steal assets and disrupt operations. Domestic and foreign commercial rivals, organized criminals, terrorists, disgruntled employees, and lone wolves are targeting thousands of vulnerable U.S. companies with denial-of-service attacks, phishing, mobile malware, and third-party attacks. Cybercrime has become our nation s top security threat and poses serious risks to our financial, manufacturing, energy, transportation, and healthcare infrastructures. According to a study by PriceWaterhouse Coopers, Detected cyber security attacks rose by 48% in 2014, with 25% of companies reporting at least 50 attacks in the past 12 months. 1 Furthermore, Security Week reported that nearly 70% of infrastructure companies experienced significant breaches between 2013 and Ultimately, these security breaches result in lost revenue, lost employment, lost intellectual property, damaged reputation, health and safety concerns from counterfeit products, lost investment for research (R&D), and delays or interruption in production. 3 And as cloud technology, drones, and the Internet of Things (IoT) become more popular, cyber criminals will find even more opportunities to exploit security breaches and flaws. As author and security expert Marc Goodman points out, There is a gathering storm before us, and all the signs of disaster are there. The technological bedrock on which we are building the future of humanity is deeply unstable and like a house of cards, it can come crashing down at any moment. 4 Clearly, the game has changed in the fight against cybercrime. That s why it is incumbent upon businesses to develop a better line of defense against the growing number of cybersecurity threats. DATA THAT IS AT RISK Proprietary formulas and processes Prototypes or blueprints Research Technical components and plans Confidential documents Computer access protocols Passwords Employee data Manufacturing plans Equipment specifications Vendor information Customer data Access control information Computer network design Software (including source codes) Phone directories Hiring/firing strategies and plans Negotiation strategies Sales forecasts Pricing strategies Corporate strategies Marketing strategies Acquisition strategies Budget estimates/ expenditures Corporate financial data Investment data 5

4 3 Today s Cybersecurity Technology WHAT S WRONG WITH TODAY S SOLUTIONS? Businesses are taking the cybersecurity threat very seriously. The Gartner Group projects that, by 2017, companies around the world will spend up to $94 billion annually on cybersecurity. 6 But even with a seemingly impenetrable wall of protection, thousands of businesses are unable to keep pace with a preponderance of cyber threats. In 2013, cybersecurity firm Kaspensky Lab estimated that it uncovered approximately 200,000 new malware samples each day. 7 Meanwhile, hackers continue to unleash newer and more destructive malware and viruses. While firewalls, authentication tools, and virtual private networks are designed to provide a protective barrier against cyber threats, conventional security technologies have design and implementation flaws that hackers can easily exploit. Conventional IT security systems are often slow to revise the signature database of malicious content. What s more, 3GL and 4GL programming are only capable of interconnecting and automating systems: they do not provide real -time protection against malware and viruses. By the time cyber threats are detected and removed, the damage is done. 8 TOP ATTACKS USED BY U.S. HACKERS 1. Waledac trogan 2. Upatre Downloader trojan 3. Glupteba trogan 4. CryptoWall trogan 5. Downloader trojan 12 TOP ATTACKS USED BY FOREIGN HACKERS 1. ZeroAccess trogan 2. Dyre Banking trojan 3. Glupteba trogan 4. Bugat/Cridex/Feodo trogan 5. Downloader trojan 13 During a joint study conducted by Imperva and the Technion-Israel Institute of Technology, researchers determined that the most popular antiviral tools detected only 5% of newly created computer viruses. And it may take up to a month to detect a new virus from the time of the initial scan. 9 IT journalist Larry Karsiny observed: These slow-to-react responses are due to the utility systems data-driven monitoring cybersecurity approaches rather than live model-driven monitoring. We currently live in a world of unmonitored microsecond machine messages that can properly activate or even manipulate the actions of virtually any automated ecosystem. 10 In addition, today s IT security technologies lack scalability, can t support highly distributed environments, put too much emphasis on intrusion-centric security systems, and are difficult to manage. 11 It is obvious that point solutions no longer work and can t meet the complex needs of IT security infrastructures. Businesses need a stronger and more proactive approach for dealing with cybersecurity threats. And companies need a cybersecurity solution that provides reasonable protection while allowing them to conduct business without inconveniencing their customers.

5 4 Today s Cybersecurity Technology THE IDEAL CYBERSECURITY SOLUTION What would an ideal cybersecurity solution look like? Enterprise security professionals often refer to the endpoint solution as security technology nirvana. Once merely a dream, this technology is closer than you think. CYBERSECURITY CHECKLIST 24/7 model-driven An ideal endpoint security suite would provide live 24/7 model-driven monitoring of any process or control system, instantaneously report any intrusion threats, and quickly map an immediate response strategy. Furthermore, this product would offer comprehensive IT security without causing organizational complexity or disrupting accessibility. When evaluating a cybersecurity solution, look for a product that matches the requirements of the CIA Triad. The ideal product should safeguard the confidentiality of internal secrets and transactional data, maintain the integrity of data so it is not changed in transit, and make data available when needed. The following checklist details important features you would find in the ideal endpoint security suite. Instant reporting Quick response strategy Security in Depth Real-Time DPM 5GL Administrative controls protection Easy data back-up Reduced complexity Minimal disruption Security in Depth. To make data more secure, cybersecurity technology should offer multiple layers of protection. This approach helps to protect data on the system where it resides. As an additional benefit, data would be shielded from malware attacks while it is being accessed on networks. The ideal product would also protect devices with port blocking and full-disk encryption. Real-time DPM 5GL Surveillance. The latest cybersecurity solution should use a fifth-generation programming language that enables computers to solve problems without the assistance of a programmer. DPM 5GL watches data in motion, helping to identify malware attacks or privacy violations in real time. Administrative Controls Protection. An endpoint solution should provide strong administrative-level authentication controls to prevent hackers from accessing administrative credentials. Easy Data Back-up. Finally, security technology nirvana should offer backup of PCs and provide quick and easy retrieval of data.

6 5 Today s Cybersecurity Technology INTRODUCING NIRVANA SHIELD: A GAME CHANGER IN IT SECURITY Your search for security technology nirvana has finally come to an end! SDX Technologies helps you stay ahead of virtually any cyber threat with Nirvana Shield. Nirvana Shield uses cognitive modeling technology, on-device processing, and the most advanced hardware-based security to provide early detection and isolation of malware activities that may be occurring on your company s web eco-systems. That enables your IT team to quickly remedy the problem before any harm occurs. Nirvana Shield also delivers peak security performance without disrupting your company s day-to-day operations. Using multiple layers of protection and real-time DPM 5GL technology, Nirvana Shield safeguards your network and systems from zero-day attacks and unauthorized intrusions. It also provides the strongest administrativelevel authentication controls and offers convenient back-up and retrieval of your company s most sensitive data. ABOUT SDX TECHNOLOGIES SDX Technologies offers a full range of software solutions that defend companies against a wide spectrum of cybersecurity threats. We provide agile, integrated protection for data, whether it is stored on the endpoint, across servers or in a cloud. We serve a variety of industries, including the financial, manufacturing, energy, transportation, and healthcare infrastructures.

7 6 Today s Cybersecurity Technology REFERENCES CITED 1 Thielen, A. (2015). Cybersecurity is a huge risk; Fortinet is capitalizing on it. Retrieved August 26, 2015 from story/ /1/cybersecurity-is-a-huge-risk-fortinet-is-capitalizing-onit.html. 2 Prince, B. Almost 70% of infrastructure companies breached in last 12 months: Survey. Security Week, July 14, Retrieved August 26, 2015 from -companies-breached-last-12-months-survey. 3 The Federal Bureau of Investigation (2015). Intellectual property protection: Safeguard your company s trade secrets, proprietary information and research. Retrieved August 26, 2015 from investigate/counterintelligence/intellectual-property-protection 4 Goodman, M. (2015). Future crimes. New York, NY: Doubleday, 35%. 5 The Federal Bureau of Investigation 6 Johnson, S. Gartner says worldwide security software market grew 7.9 percent in San Jose Mercury News, September 13, Kaspersky Lab, Global corporate IT security risks: 2013, May Karisny, L. (2015). Will DPM 5GL save cybersecurity? Retrieved August 26, 2015 from utm_source=related&utm_medium=direct&utm_campaign=will-dpm-5glsave-cybersecurity 9 Imperva, Hacker Intelligence Initiative, Monthly Trend Report #14, December 2012, Assessing the effectiveness of antivirus solutions. 10 Karisny, L. (2015). Cybersecurity: Fix it or die? Retrieved August 26, 2015 from 11 Nieten, D. (2014). Top 7 limitations of today s IT security systems. Retrieved August 26, 2015 from 12 June 2015 Threat Stats (2015). Retrieved August 27, 2015 from June 2015 Threat Stats

8