Delivering Cyber Security Confidence for the Modern Enterprise

Similar documents
SOLUTION BRIEF FPO. Imperva Simplifies and Automates PCI DSS Compliance

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

AKAMAI CLOUD SECURITY SOLUTIONS

E-BOOK. Healthcare Cyber Security and Compliance Guide

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

THALES DATA THREAT REPORT

Automating the Top 20 CIS Critical Security Controls

Best Practices in Securing a Multicloud World

Imperva Incapsula Website Security

THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Building Resilience in a Digital Enterprise

Comprehensive Database Security

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

A custom excerpt from Frost & Sullivan s Global DDoS Mitigation Market Research Report (NDD2-72) July, 2014 NDD2-74

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

SIEMLESS THREAT DETECTION FOR AWS

Challenges and. Opportunities. MSPs are Facing in Security

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

CloudSOC and Security.cloud for Microsoft Office 365

Teradata and Protegrity High-Value Protection for High-Value Data

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

RESELLER LOGO RADICALLY BETTER. DDoS PROTECTION. Radically more effective, radically more affordable solutions for small and medium enterprises

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

CROWDSTRIKE FALCON FOR THE PUBLIC SECTOR

Windows Server The operating system

THE ACCENTURE CYBER DEFENSE SOLUTION

The Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It

Run the business. Not the risks.

SIEMLESS THREAT MANAGEMENT

CA Security Management

Are we breached? Deloitte's Cyber Threat Hunting

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Evolution of Spear Phishing. White Paper

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

IBM Cloud Internet Services: Optimizing security to protect your web applications

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

June 2 nd, 2016 Security Awareness

Securing Your Amazon Web Services Virtual Networks

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

SIEM Solutions from McAfee

Office 365 Buyers Guide: Best Practices for Securing Office 365

Paper. Delivering Strong Security in a Hyperconverged Data Center Environment

Securing Your Microsoft Azure Virtual Networks

The 2017 State of Endpoint Security Risk

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Preparing your network for the next wave of innovation

ALIENVAULT USM FOR AWS SOLUTION GUIDE

Panda Security 2010 Page 1

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

Borderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity

Cloud Security Myths Paul Mazzucco, Chief Security Officer

Copyright 2011 Trend Micro Inc.

Achieving End-to-End Security in the Internet of Things (IoT)

Securing Cloud Applications with a Distributed Web Application Firewall Riverbed Technology

THE BUSINESS CASE FOR OUTSIDE-IN DATA CENTER SECURITY

Securing Today s Mobile Workforce

Next Generation Privilege Identity Management

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Modern Database Architectures Demand Modern Data Security Measures

Verizon Software Defined Perimeter (SDP).

WHITEPAPER. How to secure your Post-perimeter world

CIO INSIGHTS Boosting Agility and Performance on the Evolving Internet

Shortcut guide to Web application firewall deployment

Clearing the Path to Micro-Segmentation. A Strategy Guide for Implementing Micro- Segmentation in Hybrid Clouds

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Power of the Threat Detection Trinity

Express Monitoring 2019

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

3 Ways Businesses Use Network Virtualization. A Faster Path to Improved Security, Automated IT, and App Continuity

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

Managing EUC Threats. 3 Simple Ways To Improve Endpoint SECURITY

Achieving Java Application Security With Parasoft Jtest

Security and Compliance for Office 365

Defense in Depth. Constructing Your Walls for Your Enterprise. Mike D Arezzo Director of Security April 21, 2016

Emerging Technologies The risks they pose to your organisations

6 Vulnerabilities of the Retail Payment Ecosystem

SYMANTEC DATA CENTER SECURITY

Information Security Is a Business

2017 Annual Meeting of Members and Board of Directors Meeting

Imperva CounterBreach

WHITEPAPER. Protecting Against Account Takeover Based Attacks

Enterprise D/DoS Mitigation Solution offering

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Copyright 2016 EMC Corporation. All rights reserved.

Evolved Backup and Recovery for the Enterprise

DIGITAL TRUST AT THE CORE

New Zealand National Cyber Security Centre Incident Summary

NETSURION DEFENSE AGAINST BACKOFF: How Netsurion Effectively Protected Against Threats

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

TRUE SECURITY-AS-A-SERVICE

Entertaining & Effective Security Awareness Training

Privileged Account Security: A Balanced Approach to Securing Unix Environments

HP Fortify Software Security Center

Spotlight Report. Information Security. Presented by. Group Partner

An ICS Whitepaper Choosing the Right Security Assessment

HOW TO CHOOSE A NEXT-GENERATION WEB APPLICATION FIREWALL

Integrated Access Management Solutions. Access Televentures

Securing Digital Transformation

Transcription:

Delivering Cyber Security Confidence for the Modern Enterprise

Executive Summary Traditional network and endpoint security cannot keep pace with the industrialization of cyber crime, the growing sophistication of cyber threats, insider abuse, increasing user mobility and the wholesale changes cloud computing is bringing to IT service delivery. What s needed instead, and what Imperva enables with its solutions, is an approach to cyber security that is focused on protecting business-critical data and applications wherever they are located, in the cloud or on-premises. For organizations that share our vision and subscribe to such an approach, the benefits to be gained include: Reduced risk of successful cyber-attacks, data breaches and other incidents that can lead to substantial recovery and lost opportunity costs, erosion of customer confidence and potentially irreparable brand reputation damage A more resilient, longer-lived and affordable cyber security infrastructure An easier and more efficient way for ensuring and demonstrating compliance with an ever-growing set of data security regulations 2

Successful Attacks, Breaches on the Rise Hardly a month goes by without another high-profile cyber-attack and corresponding data breach making the headlines. Major healthcare sites, leading entertainment companies, popular retail chains, government agencies and venerable financial institutions have all been hit hard, and repeatedly, over the past couple of years. And what we learn about on the web and in the popular press is only the tip of the proverbial iceberg. According to one report, 76 percent of organizations were victimized by cyber-attacks in 2015, up from 70 percent a year earlier.¹ 76% of organizations were affected by a successful cyberattack in 2015 low security awareness among employees is the biggest inhibitor to defending against cyber threats 1 2016 Cyberthreat Defense Report, CyberEdge Group, April 2016 3

As if the frequency of successful cyber-attacks is not enough, there is also the ensuing business impact to consider. The exposure of tens of millions of records containing sensitive employee, customer, or constituent data, the theft of countless credit and debit cards, disclosure of business-critical intellectual property and the loss of employment as responsible parties are invariably let go in the wake of such crises are only the beginning. Added to that are the direct costs associated with recovery which can run into the tens of millions of dollars as well as the loss of brand reputation and lost opportunity costs. For one retailer, profit for the quarter during which they announced a major breach dropped a crushing 46 percent compared to the same quarter a year earlier. The bottom line is that no one is immune. Because it is not a matter of if you ll be attacked but when, dealing with cyber threats and data breaches has become the new reality for organizations of all types and sizes worldwide. For one retailer, profit for the quarter during which they announced a major breach dropped a crushing 46% compared to the same quarter a year earlier. 4

Why Traditional Defenses are No Longer Sufficient It s easy to attribute the prevalence of breaches to the presence of a determined and well-equipped adversary. After all, the industrialization of hacking over the past decade has put an arsenal of sophisticated attack tools and monetization capabilities in the hands of just about anyone who cares to look for them. However, it doesn t help the situation that many of today s organizations make it easy for their foes - or insiders - to compromise business-critical information by relying too heavily on traditional network and endpoint defenses. Although network firewalls, intrusion detection and prevention systems (IDS/IPSs), antivirus software, personal firewalls and similar countermeasures still have a role to play, the simple truth of the matter is that there are too many ways around or even through such defenses. For example, what happens when: Attackers use compromised credentials to steal data or cause damage in the corporate network; Insiders, with legitimate access to corporate data, perform careless actions with your enterprise data, or exploit privileges with malicious intent; Industrial hackers steal credentials to purchase goods or services with money stolen over time; Attackers gain entry into the corporate network by taking advantage of open communication paths intended to support legitimate business applications; Mobile users bypass perimeter defenses by bringing infected mobile devices into the office and directly connecting them to the corporate network; Attackers exploit input validation weaknesses or other vulnerabilities in custom web applications to trick systems into divulging records stored in connected databases; or, Adversaries use custom-crafted application requests to consume a disproportionate amount of back-end computing services, ultimately rendering businesscritical applications unresponsive? The problem is that traditional security strategies and technologies fail to adequately account for the lightning fast evolution of cyber threats and the attack surface area implications of user mobility and cloud delivery of IT services.

The Evolution of Cyber Threats Once satisfied with door-rattling and other low-level attacks intended to boost their reputations, most hackers are now focused on stealing data that can be monetized, making a political statement or outright extortion. This has led to the industrialization of cyber crime and a corresponding explosion in the volume, diversity, and sophistication of the cyber threats that afflict today s organizations. Basic website defacement attacks and nuisance viruses continue to fade into the background as elaborate spear-phishing campaigns, credential-stealing malware and targeted attacks now command center stage. And once-dominant, network-layer exploits are now being joined by entire classes of new threats designed to target applications and data more directly. Furthermore, industrialization enables hackers to combine multiple, point exploits into highly sophisticated multi-vector attacks, and then launch these attacks at massive scale. The net result is the need for defenses not only that focus more directly on protecting data and applications, but that are also capable of counteracting multiple types of threats used in concert. The Journey to the Cloud Greater flexibility and faster time to market are only two of the powerful lures driving the use of cloud computing as an alternative to traditional datacenter designs for delivering IT infrastructure and services. With essential data and apps often straddling both environments, the need is growing for defenses that provide consistent protection of key resources regardless of their location, in the cloud or on-premises. The Rise of User Mobility User mobility poses multiple problems for traditional security models. When they are in the field, mobile users and their devices often operate without the benefit of perimeter defenses. Upon returning to the office, they then connect to points behind the perimeter, easily spreading any malware picked up in their travels. Steadily growing adoption of bring-your-own-device (BYOD) practices compound this risk by taking the choice, implementation and configuration of client-side countermeasures out of the hands of IT and placing it into those of individual users. Restoring security effectiveness in this case depends on deploying defenses in the immediate vicinity of business-critical resources, rather than solely at the network perimeter. 6

A Better, More Secure Way Forward Since being founded in 2002, Imperva has had a singular purpose and vision of enabling organizations to protect what matters most: businesscritical data and the applications that serve as conduits to it. In contrast to traditional security strategies and technologies, the result of this focus is a portfolio of solutions that inherently accounts for ongoing changes to threat and technology landscapes, in addition to broader changes in the ways organizations architect and utilize their computing systems. Beyond the fundamental principle of focusing on data and applications, other strengths of the Imperva approach to cyber security are revealed by exploring the details of how, where and when our solutions defend these all-important assets. Imperva has had a singular purpose and vision of enabling organizations to protect what matters most: business-critical data and applications. 7

What Imperva Defends Despite the never-ending changes to how cyber threats penetrate and propagate through a network, the end game remains constant: accessing valuable structured and unstructured information. By delivering web application, database, file, cloud application and DDoS protection solutions that directly attend to this end game, Imperva eliminates the need for organizations to explicitly adjust their defenses for every new trick or technique that attackers incorporate into their methods and wares. In addition, innovative technologies extend this advantage all the way to the application layer by enabling our security solutions to automatically learn application and user behavior changes over time. How Imperva Defends Equally important to what we defend is how we defend it. In this regard, the core capabilities of the Imperva solutions center on three functional requirements of an effective security strategy: discover, protect and comply. Multiple discovery engines work together to identify data and application assets throughout your computing environment, uncover associated vulnerabilities and generate a clear picture of the related risk to your organization. Ongoing monitoring further enhances both the asset inventory and risk pictures, for example, by providing insight into user behavior patterns and exposing network and system-level activity indicative of cyber threats. An extensive portfolio of protective mechanisms work to defend your organization s web applications, databases, Big Data platforms, file systems and cloud-based assets from both known and unknown threats. Real-time alerting and blocking of bots, protocol exploits, SQL injection and cross-site scripting exploits. A powerful combination of automated data discovery and classification including the ability to monitor and audit access to virtually all sensitive data; and streamlined, regulation-specific reporting capabilities to help ensure compliance with industry mandates and regulations, such as SOX, HIPAA and PCI DSS. A customer in the financial industry relies on Imperva SecureSphere to prevent in real time outside attacks from ever reaching sensitive data. With world-class deployment and operational support from Imperva, they placed all their production databases under its management in just one month. 8

Where Imperva Defends Imperva safeguards data and applications both in the cloud and onpremises. The option to deploy essential security solutions on robust hardware appliances that deliver high performance and fail-open interfaces for high availability operations, is only a starting point. Virtual private, hybrid and public cloud initiatives are also enabled through support for many other deployment options and scenarios, including: Virtual appliances for example, on the VMware ESX platform; Amazon Web Services (AWS) and Microsoft Azure for protecting enterprise applications that leverage either of these popular infrastructure-as-a-service (IaaS) offerings; Data and application security as-a-service; and, Establishing protection for all of an organization s software-as-a-service (SaaS) applications. When Imperva Defends Imperva is committed to protecting what matters most to our customers: your data, applications and, in turn, your reputation. Accordingly, we will continue to enhance and expand our product lines Imperva SecureSphere, Imperva CounterBreach, Imperva Incapsula and Imperva Skyfence to stay ahead of ongoing and emerging trends. In addition, we will continue to invest aggressively in our most important asset, our people, especially the world-class security researchers at the Imperva Defense Center tasked with rooting out new attack methods and cyber threats before they impact your business. Imperva is committed to protecting what matters most to you: your data, applications and, in turn, your reputation. 9

Conclusion With the rapid evolution of cyber threats, increasing user mobility and key application and data resources migrating out of the datacenter and into the cloud, it is no longer sufficient to rely on traditional network and endpoint-focused security strategies and technologies. Instead, today s IT security and executive management teams need to consider shifting their investments in cyber-security solutions toward those that more directly and thoroughly protect the organization s businesscritical data and applications, wherever they reside. To learn more about the Imperva approach to cyber security and how our SecureSphere, CounterBreach, Incapsula and Skyfence solutions work to defend your organization s data, applications, infrastructure and reputation, please visit www.imperva.com, or contact an Imperva representative today. 10 2016, Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula, ThreatRadar, Skyfence and CounterBreach are trademarks of Imperva, Inc. and its subsidiaries. All other brand or product names are trademarks or registered trademarks of their respective holders. Imperva_Vision_2016_0816_V1

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback