Next-Generation Security as a Service Offers Protection Against Emerging Threats
The power of the cloud can deliver advanced cyberdefense to organizations of any kind.
In today’s information-centric environments, every organization is justifiably concerned about cybersecurity. Customers, organizational leaders, regulators and other stakeholders all demand that organizations prioritize protecting the confidentiality, integrity and availability of sensitive information. At the same time, enterprises are operating in an increasingly risky threat environment filled with more sophisticated attackers seeking to undermine security controls.
This feedback loop of increased demand for security and growing risk of cyberattack puts IT leaders in a dilemma. How can they continue to protect against cybersecurity risk when it is often difficult to add staff to the payroll? One way that organizations are rising to this challenge is by adopting cloud-based services that provide state-of-the-art products that are continually updated to thwart new threats.
Recognizing the need for more sophisticated controls in today’s threat environment, cloud security service providers are now offering next-generation security controls to their customers. From firewalls and intrusion prevention systems to advanced identity and access management solutions, organizations can find the answers to many of their security needs in the cloud.
The Constantly Evolving Security Threat
Where and how cyberattackers strike is a shifting and evolving matrix. Fueled by increases in the number and diversity of internet-connected devices, organizations find themselves facing an uphill battle as they strive to defend themselves against many different types of attacks. In a recent survey of IT professionals conducted by McAfee and the Aspen Institute, 70 percent believe cybersecurity threats to their organizations are escalating. Operating in today’s environment requires that security professionals and other leaders collaborate to prioritize their investments in information security controls.
Media attention given to major security incidents in 2014 and 2015 sparked an interest in security issues among leaders, from the board level down to line managers. Breaches at the federal Office of Personnel Management and several major businesses led to many “what if” questions about practices within organizations everywhere. One of the core realizations for many was that it simply isn’t possible to completely prevent security breaches. They can and do occur, even to well-defended organizations. Enterprises must implement security strategies that not only reduce the likelihood of security incidents, but also minimize the effect of successful attacks through strong security controls and proactive incident response processes.
Many security experts advocate a defense-in-depth approach to information security issues. This approach calls for adopting a layered defense of overlapping security controls that can withstand the failure of a single security technology. Cloud security services facilitate defense in depth by providing responsive, rapidly updated security services that might otherwise be too difficult or cost-prohibitive for an organization to build on its own.
Advanced Persistent Threats
In today’s threat environment, the primary risk facing an organization is no longer the lone cyberattacker toiling away in a basement in the wee hours of the morning. Today’s threats can come from sophisticated groups of attackers who are highly skilled, well-funded and sponsored by government agencies, military groups or terrorist organizations. These groups, which use sophisticated techniques known as advanced persistent threats (APTs), pose a significant risk to the security of any organization they choose to target.
APTs do not rely on known vulnerabilities to gain access to an organization. They involve ongoing research and development designed to identify new vulnerabilities that cyberattackers can use against their targets. These zero-day vulnerabilities may not be known to the software or device vendor and may therefore remain unpatched, which makes them extremely potent as access tools.
APTs are used in a highly specific manner. Rather than broadly seeking out vulnerable targets, cyberattackers who employ APTs identify specific organizations that have coveted information or resources and then skillfully attack those targets. These highly organized attacks rely on reconnaissance, stealthy techniques and operational security controls designed to prevent a target from ever learning that its network was compromised. These sophisticated threats require advanced, next-generation security controls.
The Cloud Delivers Security
Organizations across many industries depend on cloud security solutions for a wide variety of enterprise needs. The value these solutions offer is the ability to leverage the broad expertise of vendor security specialists and reduce the administrative burden on enterprise IT teams. Cloud security solutions also bring unique benefits to many security disciplines, including anti-virus protection, email security, web application security and enterprise mobility management.
Most anti-virus technology depends on signature detection approaches that use databases of known malware objects. In the traditional approach to anti-virus protection, each client downloads signature files from a central repository, and the anti-virus software is only as good as the most recent update. Failing to update anti-virus signatures results in dangerous security vulnerabilities.
Cloud-based approaches to anti-virus technology remove this update burden from an organization’s IT staff by performing malware analysis in the cloud. Whenever an anti-virus client discovers a suspicious file, it sends a digital hash of that file to the cloud service for analysis and evaluation. The service provider keeps the cloud database current, and these updates improve security for all clients in real time.
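The difference between a stale local signature list and a cloud hash lookup, as an added example that is not code from the article or from any vendor. The class names, the verdict strings and the choice of SHA-256 as the "digital hash" are assumptions, and the sample files are constructed byte strings.

```python
import hashlib

# Constructed byte strings standing in for files; none is real malware.
OLD_SAMPLE = b"constructed sample catalogued before the last signature download"
NEW_SAMPLE = b"constructed sample catalogued after the last signature download"
UNSEEN_FILE = b"constructed file the provider has never analysed"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class CloudVerdictService:
    """Hypothetical stand-in for the provider's continuously updated database."""
    def __init__(self):
        self._verdicts = {}
        self.received = []   # everything the service ever sees from clients
        self.online = True
    def publish(self, digest: str, verdict: str) -> None:
        self._verdicts[digest] = verdict
    def lookup(self, digest: str) -> str:
        if not self.online:
            raise ConnectionError("verdict service unreachable")
        self.received.append(digest)
        return self._verdicts.get(digest, "unknown")

class AntiVirusClient:
    def __init__(self, local_signatures, cloud=None):
        self.local_signatures = set(local_signatures)  # frozen at last download
        self.cloud = cloud
    def scan(self, data: bytes) -> str:
        digest = sha256_hex(data)
        if digest in self.local_signatures:
            return "malicious"
        if self.cloud is None:
            return "not-detected"  # traditional client: the stale list is all it has
        try:
            return self.cloud.lookup(digest)  # only the hash leaves the host
        except ConnectionError:
            return "unknown"  # do not report clean; let policy quarantine or retry

def demo():
    cloud = CloudVerdictService()
    cloud.publish(sha256_hex(OLD_SAMPLE), "malicious")
    snapshot = [sha256_hex(OLD_SAMPLE)]                 # what clients downloaded
    cloud.publish(sha256_hex(NEW_SAMPLE), "malicious")  # provider-side update
    traditional, hybrid = AntiVirusClient(snapshot), AntiVirusClient(snapshot, cloud)
    results = [traditional.scan(NEW_SAMPLE), hybrid.scan(NEW_SAMPLE),
               hybrid.scan(UNSEEN_FILE), hybrid.scan(OLD_SAMPLE)]
    cloud.online = False
    results.append(hybrid.scan(NEW_SAMPLE))
    return results, cloud.received
```

An exact-hash lookup only matches byte-identical files, so a verdict of "unknown" has to be treated as a policy decision rather than as "clean".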
Cloud-based email security services function in a similar manner, offloading the analysis of inbound email messages to a cloud provider. An organization’s IT staff simply configures the domain to automatically route incoming messages to the cloud security service before delivery to users. The service can then perform anti-virus screening, spam filtering and other content-based security checks on messages, quarantining any suspicious content before delivery to individual mailboxes. Cloud-based email systems also provide encryption technology designed to add confidentiality to the exchange of sensitive messages both inside and outside an organization.
Cloud-based web security provides significant benefits to web applications. From a server perspective, cloud-based web application firewalls can filter out malicious traffic, protecting an organization from distributed denial-of-service attacks, SQL injections, cross-site scripting and other malicious requests. Cloud web security services also extend protection to end users, filtering out requests for malicious websites or other content that violates an organization’s security policy.
Organizations also turn to the cloud for easy-to-administer enterprise mobility management (EMM) products. These solutions provide a simple, web-based way to manage the many mobile devices that exist in modern organizations. Administrators may leverage policy templates provided by the EMM vendor or develop custom policies that ensure secure device configurations, prevent the installation of unwanted mobile apps and track lost or stolen devices to facilitate recovery or data wiping.
These cloud services share several common benefits. They boost security by allowing the incorporation of real-time threat updates. They enable organizations to leverage state-of-the-art security technology without major increases in staff. They also typically offer cost benefits over in-house solutions by leveraging economies of scale across many clients.