Want to Improve your Cybersecurity Posture? Get Beyond the Usual Suspects

From Equifax to Yahoo, WannaCry and Petra, every month seems to bring with it yet another high-profile attack. Vendors roll out patches and fixes, and questions are asked across the political and security communities. These enquiries and discussions almost always end up concluding that the usual cyber suspects are the culprits, writes Rob Waters, a Global Defense Systems Engineer at ForeScout Technologies, a DLT solutions partner. “Truth is, every high-profile breach has a familiar storyline: old, unpatched vulnerabilities, advanced persistent threats and lack of visibility.” But why do governments and organizations continue to struggle with combating these big breaches? Waters offers a couple of reasons: 1. It’s not easy or cheap to secure an enterprise network using traditional methods. 2. The Internet of Things (IoT) is growing exponentially and increasing the attack surface. By 2020, Gartner predicts that IoT technology will be in 95% of new product designs. Plus, government adoption of IoT is booming, the federal market alone is expected to grow to $3 billion this year. Together, these create big opportunities for the enemy with no face. But traditional cyber solutions are struggling to keep pace. That’s because you can’t protect what you can’t see. Siloed security solutions don’t provide the visibility needed into risks on “…long-forgotten orphan virtual machines, rogue software installations and connected devices. The days of simple, standardized IT infrastructure are over; we are living in a cloud-consuming, SDN-enabled, IoT era,” says Waters. Key to mitigating against the risks posed by the usual suspects, is understanding who has access to data, where that data resides, and what is running on your network. Something that’s increasingly hard to do in multi-vendor environments. Device visibility and orchestration (i.e. tearing down security silos), however, can help. By shining a light on black holes and closing cybersecurity hygiene gaps, agencies can achieve a unified cybersecurity framework that acts as a central hub of intelligence that corrects poor network visibility and delayed responses to cyber threats. Check out Rob’s blog post for more insights on how ForeScout ingests data from leading security tools and automatically responds to detected threats, and much more.