Security: 3 key areas to lock down now. Ebook


The situation today

The current landscape is hyperconnected and always on, with more and more devices continually being added to the global network. As of 2017, there were 27 billion connected devices globally, with this number expected to grow to 125 billion by 2030¹. As more devices are added to the network, the number of security threats continues to grow. Hackers are also becoming more sophisticated and attacks more frequent. In 2017, the number of cyber-attacks increased by 164% worldwide, compared to 2016².

According to Gartner, ransomware will increase as a significant and real threat to enterprises throughout 2018. Ransomware is now a favoured weapon for malicious actors, with statistics showing a remarkable increase in the amount of ransomware activity throughout the world. One agency tracked a massive increase in ransomware families, with over 700% growth since 2016.

Particularly vulnerable are those using legacy technology, which is typically found in Public Sector organisations. These organisations hold sensitive and personal data, which is of great value to cyber criminals. Despite limited IT budgets, security needs to be at the top of the agenda.

Regardless of the advancement in network security tools and policies, many companies still struggle to effectively protect their networks and environment from attacks. Because technology has developed so rapidly, as security threats increase, organisations are scrambling to find the right security solutions they need to keep their assets safe. In 2017, 67% of all businesses in the UK invested in cyber security, highlighting how companies are becoming increasingly aware of the dangers they face. The number of security threats continues to increase exponentially, so a proactive approach to security is vital for the survival of small and big businesses alike.

48% of UK enterprises, government and education organisations have experienced multi-vector attacks
Local authorities receive on average 37 attacks per minute
Cyber-crime accounted for almost 30% of all crimes recorded in the UK from July 2016 to July 2017
On average, it takes 120 days for a business to realise that its data has been compromised

The challenge

Skilled cyber criminals are capable of bypassing perimeter defenses, and no single security solution can sufficiently shield a network from every type of attack. New forms of malware and ransomware continue to be developed, with ransomware growth in 2017 topping 2,500% globally³.

How real is the risk of Cyber Security?

Businesses continue to suffer from cyber security breaches with significant financial implications, but the reporting of breaches remains uncommon. Just under half (46%) of all UK businesses identified at least one cyber security breach or attack in the last 12 months. This rises to two-thirds among medium firms (66%) and large firms (68%). Overall, businesses that hold electronic personal data on customers are more likely than average to have had breaches (51% versus 46%). Nonetheless, breaches are still prevalent among organisations whose senior managers consider cyber security a low priority (35%), and in firms where online services are not at all seen as core to the business (41%)⁴.

Bring Your Own Device (BYOD), cloud network innovation and IT consumerisation have made network security more complex. As the network grows, so does the perimeter, and with more and more data shifting to and from the cloud, more points of vulnerability are exposed. All data and assets must be secure both in and out of the cloud, all of the time.

The pressure to have robust safeguards in place to prevent cyber-attacks and critical data breaches is intense. The UK's implementation of the European Commission's Network and Information Systems (NIS) Directive imposes fines of up to £17m on leaders of Britain's most critical industries if they leave themselves vulnerable to cyber-attacks⁵.

What is the NIS Directive?

The Networks and Information Systems (NIS) Directive aims to raise levels of the overall security and resilience of network and information systems across the EU. Network and information systems and the essential services they support play a vital role in society, from ensuring the supply of electricity and water, to the provision of healthcare and passenger and freight transport. Their reliability and security are essential to everyday activities. The UK will be implementing the NIS Directive. Its implementation is an opportunity to put mechanisms in place that drive real improvements to national cyber security. The deadline for member states transposing the Directive into domestic legislation is 9 May 2018.

Confronting large, highly interconnected networks, complex computing environments and an unpredictable threat landscape, it's no wonder many IT departments struggle to secure the expertise and resources necessary to safeguard their networks.

3 key areas to lock down

No matter what your business goals are, as your business grows, so does its perimeter. Securing all data and assets is a must. We've identified 3 key security areas that you need to lock down to keep your data and assets safe:

Endpoints

Endpoint security is all about mitigating the risk and the potential reach of any intrusion. Endpoint security protects all endpoints such as servers, desktops, laptops, smartphones and other Internet of Things (IoT) devices that your organisation is connected to. These endpoints are critical components, and capturing audit information on what is occurring at any one time is key to early identification of an attack. Effective endpoint security requires 24x7 visibility of all activity taking place on all endpoints in order to detect any malicious activity.

New endpoint detection and response (EDR) technology offers greater capability and a more comprehensive assessment of the endpoint, and can provide automated responses to threats, such as endpoint isolation and ransomware detection. Enhanced endpoint security can also provide in-depth analytics and forensic data, so investigators can determine how the attack occurred once a breach has been detected. Knowing how and where in the environment the attack started, which devices were impacted, and whether any data has been stolen can help speed up incident response and remediation.

Networks

Network security protects the usability and integrity of your network. Reliable and effective network security will manage all access to your network resources, while targeting threats and preventing them from gaining entry or spreading throughout your entire network. Network security combines multiple layers of security measures at both the perimeter and within the network. Each individual layer has its very own controls, allowing those authorised to gain access to the network resources, whilst recognising and blocking cyber criminals from carrying out malicious attacks. There are various types of network security, including access control, threat prevention, email security, web security and firewalls, to protect your employees, your data and ultimately your reputation.

Cloud

Cloud computing continues to transform the way organisations use, store, and share data, applications and workloads. As more and more organisations store data and applications in the cloud, a whole host of security threats and challenges are created. With so much data going into the cloud, particularly into public cloud services, these resources become ideal targets for hackers. Whether through data leakage, account hacking or Distributed Denial of Service (DDoS), a security breach which restricts access to these critical applications could disable a range of different services, leave users without legitimate access and even bring your business to a halt. By extending your security wrap into the cloud and cloud firewall appliances, you can monitor the performance, behaviors and events in the cloud and react accordingly to uphold the security of your data and applications.

Best practices

As a security specialist, we provide a fully managed security service that includes products at multiple layers from the access network, through the core and out to the perimeter. This includes securing data in transit through encryption services, the identification and classification of attacks, intrusion detection and prevention, through to the protection of users' data in filtering and SPAM services.

A case study

Background

Operationally, this Capita customer was highly dependent on their integrated Financial Management and eprocurement applications that were developed in-house and used daily by approximately 900 employees. The software had been continually enhanced over time, with each update fully tested with their Microsoft Windows Server 2003 and XP 32-bit environment.

Security challenge

As Service Pack support, and therefore security patching, was no longer available for their Microsoft Windows Server 2003 and XP operating systems, there was an elevated risk that these systems could be compromised by malicious cyber-attacks, such as WannaCry or Petya ransomware, or be susceptible to electronic data loss. Upgrading the Windows Server and XP machines would require the wholesale redevelopment of their in-house applications to enable them to run on a 64-bit operating system. However, in the near to medium term, this was deemed not to be a feasible option.

Solution

To mitigate the risk of using non-supported Windows operating systems, an Advanced Endpoint Protection service (Traps) was implemented through Capita and rolled out to over 1200 endpoints: 800 desktop PCs, 100 laptops and 310 servers. A successful attack must complete a sequence of events to steal information or run ransomware, and nearly every attack relies on compromising an endpoint. Traps disrupts an attack before it can infect an endpoint. By combining multiple methods of prevention, Traps blocks security breaches and successful ransomware attacks that leverage malware and exploits, known or unknown, before they can compromise the endpoints. It automatically isolates infected endpoints, prevents malicious use and mitigates the risk of cyber breaches.

Our client is not only extremely satisfied that they have successfully mitigated the risk of cyber-attacks, but they have estimated a 1.2 million saving by not having to immediately redevelop their in-house applications.

A case study

Background

A local County Council website was targeted by a DDoS attack with the source emanating from China, Russian Federation, USA, Germany and Japan. The attack was an NTP amplification, a type of Distributed Denial of Service (DDoS) attack in which the attacker exploits publicly accessible Network Time Protocol (NTP) servers to overwhelm the target with User Datagram Protocol (UDP) traffic.

Security challenge

This resulted in their Internet circuit (1 Gbps) and firewall being overwhelmed with UDP traffic volumes that reached 13 Gbps, which not only prevented public access to their website but also stopped their staff from accessing the Internet. The attacks were intermittent, lasting up to 10 minutes throughout a 24-hour period, which made it difficult to track down the root cause of the outages.

Solution

Once the root cause was determined to be an external attack, within a matter of days Capita was able to configure their network to utilise their DDoS Mitigation Service, which subsequently stopped future DDoS attacks that occurred over a 7-day period.

Detection vs Prevention: A balancing act

From classic attacks such as data theft, to denial of service, data destruction and ransomware, we're under no illusion that security attacks are on the increase. These sophisticated threats, incessantly targeting organisations around the globe, are pressuring IT departments, both in the public and private sectors, to strike a balance between detection and prevention to keep their businesses safe.

As IT infrastructure gets more complex and moves into the cloud, into business units and shadow IT, vulnerability management must evolve from a merely repetitive process to one that quickly adapts with IT changes. Through the use of industry-leading technology to combat threats, we help security and risk management leaders find the balance between threat detection and prevention, with a 360 degree view of threats against the business. This real-time early warning enables us to deploy a rapid response to manage the threat and minimise the reputational and financial impact to your organisation.

From patch-orientated security practices and system hardening, to 24x7x365 monitoring and incident response, our accredited Security Operations Centre (SOC) ensures complete risk mitigation against large scale attacks, to ensure your public facing services remain available and your reputation intact.

Our network security services

Endpoint

Advanced Endpoint Protection Service - disrupts an attack before it can infect an endpoint. By combining multiple methods of prevention, Traps blocks security breaches and successful ransomware attacks that leverage malware and exploits, known or unknown, before they can compromise the endpoints. It automatically isolates infected endpoints, prevents malicious use and mitigates the risk of cyber breaches.

Networks

DDoS Mitigation Service - mitigates DDoS attacks targeting online presence or other Internet reachable assets.
Advanced esafety Services - including perimeter application aware firewall, threat prevention (including 0 Day) and URL filtering/policy control.
Firewall Assurance Service - collects and analyses firewall rules and configurations and compares them against a defined local security policy template, regulatory compliance requirements and best practice policies.
Vulnerability Scanning Service - provides a cost-efficient way to deliver security assurance testing through a vulnerability assessment of the infrastructure and assets.

Cloud

Advanced Endpoint Protection Service - disrupts an attack before it can infect an endpoint. By combining multiple methods of prevention, Traps blocks security breaches and successful ransomware attacks that leverage malware and exploits, known or unknown, before they can compromise the endpoints. It automatically isolates infected endpoints, prevents malicious use and mitigates the risk of cyber breaches.
Advanced esafety Services - including perimeter application aware firewall, threat prevention (including 0 Day) and URL filtering/policy control.
SIEM Service - The SIEM Service, managed by our central Security Operational Centre (SOC), identifies and responds to customer security incidents. Whether it is network traffic, user activity, or application use, any variation from normal activity could indicate that a threat is imminent and/or the customer's data or infrastructure is at risk.

How our security services protect your organisation

The world is not a safe place. But we're making it safer.

We offer a premium security service and threat intelligence with unrivalled support. It's time to get secure. For more information, or to take part in a security self-assessment to fully understand your strengths and weaknesses, contact us at: networks@capita.co.uk

Capita IT and Networks
30 Berners Street, London W1T 3LR
+44(0)117 311 5757
www.capita-it.co.uk

Sources

1. https://technology.ihs.com/596542/number-of-connected-iot-devices-will-surge-to-125-billion-by-2030-ihs-markit-says
2. https://www.cnbc.com/2017/09/20/cyberattacks-are-surging-and-more-data-records-are-stolen.html
3. https://www.carbonblack.com/2017/10/11/dark-web-ransomware-economy-growing-annual-rate-2500/
4. Department for Culture Media and Sport, Cyber security breaches survey 2017
5. https://www.gov.uk/government/news/government-acts-to-protect-essential-services-from-cyber-attack