Does effective cyber security protection and GDPR compliance mean that existing solutions will need replacing?
That depends on what you have deployed and how you have configured it. The changing nature of the cyber security threat does call for an agile and adaptable protection approach that will increasingly make use of automation and machine learning. In addition, the requirements of GDPR call for an effective cyber security regime that protects data and has monitoring and detection systems in place.
A comprehensive approach requires multiple layers of protection, not just to address the different types and areas of threat but also to provide an element of redundancy. For example, threats that are not picked up by your endpoint protection solution may be detected by your network layer security solution. Research has indicated that most deployed security products have only 10% of their features enabled and correctly configured.
While some features just may not be relevant for a particular deployment, the main reasons why many businesses just don’t switch these features on include:
- Difficulty configuring the features
- Lack of adequate skill set
- Concerns it will slow down performance
- Don’t understand how the features will benefit them
It’s worth flipping the conversation on its head and viewing things in terms of the benefits: once they are clear enough, turning on the required features becomes a no-brainer. We are overwhelmed with all kinds of statistics about the cost of cyber attacks. One startling US government figure indicates that 75% of small businesses suffer a cyber breach, while the cost of the average cyber attack is over $1m. So there are massive benefits to getting security right in terms of avoiding reputational damage and, worse still, severe financial costs or potential fines.
Going back to the original question: do you need to replace the solutions already deployed? First, you need to look at what you have, how it’s configured and how much more you can do with it.
A good area to start with is your firewall. If you have a well-featured Next Generation Firewall (NGFW) in place, you just need to make sure it is configured for maximum protection. Here are some of the features you need to enable to make it close to 90% effective. If you don’t enable them, it would be analogous to having keys to all your business premises’ doors and windows but leaving all but a few ajar.
1. Turn on Intrusion Protection Systems (IPS)
By default, your NGFW may have intrusion detection (IDS) enabled, but given that most people don’t understand the alerts even if they are monitoring them, it’s worth automating the protection by enabling IPS. You can implement an IPS to block attacks such as worms, viruses and downloadable exploits/attachments.
2. Enable network-based anti-virus protection
This feature uses deep packet inspection to identify threats. It is particularly useful as a second bite at stopping threats not picked up by endpoint security. Also, some devices, such as IoT-type devices, may be more vulnerable to such attacks but are unable to run anti-virus software.
3. Enable Malware protection
Malware may not be blocked by other technologies such as IPS or AV and therefore a good anti-malware engine must be deployed to help in the fight against this principal threat. Next Generation Firewall malware protection features can include indications of compromise based on event correlation, site reputation and sandboxing reports.
4. Use security intelligence feeds
This feature enables integration of near real-time global intelligence feeds to identify and block bad domains and emerging malware sites before they cause damage.
5. Enable Sandboxing
Sandboxing is a useful tool for identifying and preventing attacks: it provides the ability to run and analyse executable code in an isolated environment. The results can be fed back to the NGFW to block or allow a file.
6. User and Application Control
Compliance regulations mandate an auditing capability that logs who is accessing systems, what they access and when. You can configure a Next Generation Firewall to log and control what your users are doing and when they are allowed to do it. Importantly, it can also manage and minimise the impact of non-productivity applications such as Netflix during business hours.
7. Web Filtering and Protection
Blocks individual sites or categories that are either suspect or have no business relevance, e.g. adult content, job portals etc. Suspect sites are also commonly used to deliver malware to unsuspecting visitors.
8. Segmentation of the network
Segment your internal networks into logical groups and protect each segment via an interface on your Next Generation Firewall. That way you will protect against lateral spread if a virus/malware gets in.
9. Log everything
A logging solution should be in place, with logs from all critical assets sent to it. This will provide an invaluable tool for any future analysis, especially when a breach occurs.
Not utilising the above capabilities will leave you susceptible to threats that could otherwise have been mitigated. Make sure your security team is familiar with Next Generation Firewall capabilities and takes full advantage of the available features to ensure your network is protected against the full spectrum of threats. Get more bang for your NGFW buck.
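The segmentation advice in item 8 only holds if the rules between segments are tight, so here is an added example (not part of the original article) that evaluates a constructed first-match rule set and lists the segment pairs left open to lateral spread by a broad allow rule. The segment names, subnets, rule tuple format and function names are assumptions and do not represent any vendor's rule syntax.

```python
import ipaddress
from itertools import permutations

# Constructed sample data (assumed names and subnets, not from the article).
SEGMENTS = {"users": "10.10.0.0/24", "servers": "10.20.0.0/24", "iot": "10.30.0.0/24"}

# Ordered policy, first match wins: (source, destination, service, action).
RULES = [
    ("10.10.0.0/24", "10.20.0.0/24", "tcp/443",  "allow"),
    ("10.30.0.0/24", "10.20.0.5/32", "tcp/8883", "allow"),
    ("10.0.0.0/8",   "10.0.0.0/8",   "any",      "allow"),  # legacy catch-all
    ("any",          "any",          "any",      "deny"),
]
# Same policy with the catch-all removed.
HARDENED = [r for r in RULES if r[:3] != ("10.0.0.0/8", "10.0.0.0/8", "any")]


def net(spec):
    """Parse a subnet; the keyword 'any' means every IPv4 address."""
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec)


def allowed_services(src_seg, dst_seg, rules):
    """Services a first-match policy lets src_seg open towards dst_seg."""
    src, dst = net(src_seg), net(dst_seg)
    allowed, decided = [], set()
    for r_src, r_dst, service, action in rules:
        if not (net(r_src).overlaps(src) and net(r_dst).overlaps(dst)):
            continue  # rule never matches traffic between these segments
        if action == "allow" and service not in decided and service not in allowed:
            allowed.append(service)
        # A rule covering both segments entirely settles this service for good.
        if src.subnet_of(net(r_src)) and dst.subnet_of(net(r_dst)):
            decided.add(service)
            if service == "any":
                break  # nothing below this rule is ever reached
    return allowed


def unrestricted(segments, rules):
    """Ordered segment pairs where any service is allowed (no real segmentation)."""
    return sorted(
        (a, b) for a, b in permutations(segments, 2)
        if "any" in allowed_services(segments[a], segments[b], rules)
    )


if __name__ == "__main__":
    print("with catch-all:", unrestricted(SEGMENTS, RULES))
    print("hardened:      ", unrestricted(SEGMENTS, HARDENED))
```

With the catch-all present every segment pair is reported, including IoT to users; with it removed only the two explicitly allowed services remain.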