• Home

  • Documents

  • Network World QuickPulse Web Security Challenges How to Overcome Web Security ... · 2015. 9....
2
Network World QuickPulse * Web Security Challenges How to Overcome Web Security Challenges (and Sleep Well at Night) No one would deny that business use of technol- ogy has changed dramatically in light of mobile and the cloud. Behind the scenes, however, lurks a dif- ferent story, as the IT department frantically works to maintain an effective level of protection with the same technologies and strategies it’s used for the past 10 to 15 years. As a result, IT is struggling to prevent and detect attacks. Security professionals know that the risk of malware infection is high. They also know that their efforts to mitigate this risk are falling short, and it’s keeping them up at night. The challenges they face, as identified via a survey by IDG Research Ser- vices, are a good indicator that it’s time to catch up with the rest of the business and address security with a solution built for the twenty-first century. This paper explains how IT organizations can improve security more quickly, easily and effectively with a cloud-based Web security solution than by con- tinuing with appliance-based solutions. Attempts to Secure the Modern Workplace Security has always been a priority for IT profes- sionals, but unfortunately, efforts to effectively protect the environment have failed time and again. When IT departments are faced with new technolo- gies such as mobile devices or cloud services, their initial reaction is to prohibit them. Without proper security controls and technologies in place, this is the only way IT knows to protect corporate assets. But prohibiting technology works for only a short time—if at all. Executives tell IT to make it work (in the case of, for example, smartphones), or users go around IT altogether, resulting in shadow IT. Even when tools do become available, first-generation security controls are often rejected by users, as with mobile device management (MDM) solutions in bring-your-own-device (BYOD) environments. When prohibiting a technology fails, the security team will do the best it can by using the tools it has; most often these are old security technologies. But the evidence suggests that that doesn’t work either. The study by IDG Research Services is proof. The participating IT professionals said their No. 1 chal- lenge in delivering Web security is multiple devices’ creation of numerous entry points into the corpo- rate network—the worst of all worlds. Among the respondents, 45 percent cited a lack of the continu- ous visibility needed to detect advanced attacks and 38 percent said existing blocking and preven- tion solutions are insufficient to protect against advanced attacks. These are scary numbers. Obviously, taking a Band-Aid approach to secu- rity doesn’t work, and it never will. Legacy solutions were not built to protect a dynamic multiplat- form, multidevice, multi-infrastructure world from advanced threats. It’s time for IT organizations to evolve their security strategy to address the needs of today’s computing environment. Requirements for a Modern Web Security Solution To determine what is needed for a modern Web se- curity solution, we have only to look at how existing Web security solutions are lacking. The IT profes- sionals were asked to rate the performance of their existing solutions in the following areas: continuous monitoring, attack prevention, attack detection and protection speed (how quickly new threats, or “zero-hour vulnerabilities,” are blocked). In any SPONSORED BY: Source: IDG Research, August 2015 Top Challenges in Delivering Web Security Multiple devices creating numer- ous “entry points” (laptops, tablets, smartphones) Lack of the continuous visibility needed to detect advanced attacks Lack of resources to implement new security solutions Difficulty assessing your organiza- tion’s level of risk/threat profile No clear or uniform strategy for “incident response” (response is ad-hoc/reactive) Existing blocking and prevention solutions are insufficient to protect against advanced attackers 48% 45% 43% 39% 39% 38%

Network World QuickPulse Web Security Challenges How to Overcome Web Security ... · 2015. 9. 17. · Network World QuickPulse * Web Security Challenges How to Overcome Web Security

  • Upload
    others

  • View
    2

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Network World QuickPulse Web Security Challenges How to Overcome Web Security ... · 2015. 9. 17. · Network World QuickPulse * Web Security Challenges How to Overcome Web Security

Network World QuickPulse * Web Security Challenges

How to Overcome Web Security Challenges (and Sleep Well at Night)No one would deny that business use of technol-ogy has changed dramatically in light of mobile and the cloud. Behind the scenes, however, lurks a dif-ferent story, as the IT department frantically works to maintain an effective level of protection with the same technologies and strategies it’s used for the past 10 to 15 years. As a result, IT is struggling to prevent and detect attacks.

Security professionals know that the risk of malware infection is high. They also know that their efforts to mitigate this risk are falling short, and it’s keeping them up at night. The challenges they face, as identified via a survey by IDG Research Ser-vices, are a good indicator that it’s time to catch up with the rest of the business and address security with a solution built for the twenty-first century. This paper explains how IT organizations can improve security more quickly, easily and effectively with a cloud-based Web security solution than by con-tinuing with appliance-based solutions.

Attempts to Secure the Modern WorkplaceSecurity has always been a priority for IT profes-sionals, but unfortunately, efforts to effectively protect the envi ronment have failed time and again.

When IT departments are faced with new technolo-gies such as mobile devices or cloud services, their initial reaction is to prohibit them. Without proper security controls and technologies in place, this is the only way IT knows to protect corporate assets. But prohibiting technology works for only a short time—if at all. Executives tell IT to make it work (in the case of, for example, smartphones), or users go around IT altogether, resulting in shadow IT. Even when tools do become available, first-generation security controls are often rejected by users, as with mobile device management (MDM) solutions in bring-your-own-device (BYOD) environments.

When prohibiting a technology fails, the security team will do the best it can by using the tools it has; most often these are old security technologies. But the evidence suggests that that doesn’t work either. The study by IDG Research Services is proof. The participating IT professionals said their No. 1 chal-lenge in delivering Web security is multiple devices’ creation of numerous entry points into the corpo-rate network—the worst of all worlds. Among the respondents, 45 percent cited a lack of the continu-ous visibility needed to detect advanced attacks and 38 percent said existing blocking and preven-tion solutions are insufficient to protect against advanced attacks. These are scary numbers.

Obviously, taking a Band-Aid approach to secu-rity doesn’t work, and it never will. Legacy solutions were not built to protect a dynamic multiplat-form, multidevice, multi-infrastructure world from advanced threats. It’s time for IT organizations to evolve their security strategy to address the needs of today’s computing environment.

Requirements for a Modern Web Security Solution To determine what is needed for a modern Web se-curity solution, we have only to look at how existing Web security solutions are lacking. The IT profes-sionals were asked to rate the performance of their existing solutions in the following areas: continuous monitoring, attack prevention, attack detection and protection speed (how quickly new threats, or “zero-hour vulnerabilities,” are blocked). In any

SPONSORED BY:

Source: IDG Research, August 2015

Top Challenges in Delivering Web Security

Multiple devices creating numer-ous “entry points” (laptops,

tablets, smartphones)

Lack of the continuous visibility needed to detect

advanced attacks

Lack of resources to implement new security solutions

Difficulty assessing your organiza-tion’s level of risk/threat profile

No clear or uniform strategy for “incident response” (response

is ad-hoc/reactive)

Existing blocking and prevention solutions are insufficient to protect

against advanced attackers

48%

45%

43%

39%

39%

38%

Page 2: Network World QuickPulse Web Security Challenges How to Overcome Web Security ... · 2015. 9. 17. · Network World QuickPulse * Web Security Challenges How to Overcome Web Security

given area, fewer than half of the respondents rated their solution as being highly effective.

When it comes to protection speed, one-third of the respondents rated their solution as either not very or not at all effective, yet protection speed is crucial. The longer a vulnerability remains exposed, the greater the risk that it will be exploited. This reflects directly back to the need for continuous monitoring. As today’s threats evolve in a matter of minutes, continuous, real-time updates are critical to keep protection current.

Likewise, the ability of a Web security solu-tion to detect and prevent an attack is limited by its ability to recognize the threat. Given the short lifespan of many modern threats, a vulnerability can be exploited and the malware can morph before a legacy Web security solution is even updated with the original threat information.

If nothing else, the poor performance ratings IT professionals gave their legacy Web security solu-tions make it clear that it’s time for a new approach.

The Last—and Only—OptionFortunately, there is another way—and it addresses all these challenges. The best model for delivering security is one in sync with how the business uses technology today, because it’s based on and deliv-ered in the very same way. Cloud-based business applications make functionality available to users—wherever they are, on whatever device they use. The cloud can do exactly the same for security. A cloud-based Web security solution also meets IT’s need for continuous monitoring, attack prevention/

detection and protection speed, because the protec-tion is always up to the moment.

CYREN WebSecurity is a cloud-based secure Web gateway replacement that provides continu-ous, comprehensive Internet security for users on any device, on any network, in any place. To ensure the best protection against modern threats, CYREN uses a unique combination of automated engines and human analysts to continuously classify the cur-rent status of the Web against a real-time database of more than 150 million URLs. Users are always protected against new threats as they emerge, without time-consuming updates. In addition, IT organizations can define, apply and enforce accept-able use policies for the Web. In a matter of minutes, policies can be set by user, group, location, time of day and/or device type.

CYREN WebSecurity also provides complete visibility into Web use across all devices, wherever users might be and however they connect to the Internet. All Web access is consolidated and logged, providing a detailed picture of how the Web is used across the organization, and an advanced dash-board provides instant insight into current threats and overall Web traffic.

As a cloud-based solution, CYREN WebSecurity reduces the complexity of the security infrastructure and minimizes the total cost of ownership. There’s no hardware or software to deploy or maintain or costly backhaul routing to bring remote users’ traffic to central appliances. Traffic is simply routed to the cloud for industry-leading threat protection. System setup can be accomplished in just a few clicks, and the process of enrolling users in the system can be fully automated, so the time and resources required to switch your security to the cloud are minimized.

ConclusionAny job is more difficult without the proper tools. The challenges associated with securing today’s com-puting environment come from using static legacy technologies that were never intended to do the job they’re being made to do now. These technologies were designed to protect places and things, but today’s computing environment demands protection for users. When IT organizations switch their security approach from securing fixed computing assets to protecting users on whatever device they use, these challenges not only go away but you also immedi-ately create a more secure environment. ■

Network World QuickPulse * Web Security Challenges

For more information, visit www.CYREN.com

Source: IDG Research, August 2015

How is Your Web Security Performance?

Continuous monitoring

Attack prevention

Attack detection

Protection speed (how fast zero-hour vulner-

abilities are blocked

11%

16%

13%

7%

11%

11%

14%

18%

5%

4%

5%

13%

34%

27%

21%

27%

39%

43%

46%

36%

45%

43%

34%

34%

Extremely effective Very effective Somewhat effective

Not very effective Not at all effective

% Extremely/Very Effective


We shall overcome, we shall overcome some day, deep in my heart I do believe. We shall overcome some day

We shall overcome, we shall overcome some day, deep in my heart I do believe. We shall overcome some day

Documents
How to Overcome

How to Overcome

Documents
Cisco Services Platform Collector 2.8.1 · SECURITY BUGS ... Following features are added in this release to enhance security and to overcome the operational issue. ... TE & CE endpoints

Cisco Services Platform Collector 2.8.1 · SECURITY BUGS ... Following features are added in this release to enhance security and to overcome the operational issue. ... TE & CE endpoints

Documents
Building an Ontology of Cyber Securitystids.c4i.gmu.edu/papers/STIDSPapers/STIDS2014_T8... · security to overcome the current limits of the state of the art. Keywords— cyber security,

Building an Ontology of Cyber Securitystids.c4i.gmu.edu/papers/STIDSPapers/STIDS2014_T8... · security to overcome the current limits of the state of the art. Keywords— cyber security,

Documents
Declining Job Securitydeclining job security. In this paper, I define job security in the context of implicit contracts designed to overcome incentive problems in the employment relationship

Declining Job Securitydeclining job security. In this paper, I define job security in the context of implicit contracts designed to overcome incentive problems in the employment relationship

Documents
SECURITY CONCERNS OVERCOME: CUSTOMERS ......SECURITY CONCERNS OVERCOME: CUSTOMERS MOVING TO SAAS A Cloud Security Study 3 10 5 13 17 STAYING SECURE WITH SAAS Despite the wide prevalence

SECURITY CONCERNS OVERCOME: CUSTOMERS ......SECURITY CONCERNS OVERCOME: CUSTOMERS MOVING TO SAAS A Cloud Security Study 3 10 5 13 17 STAYING SECURE WITH SAAS Despite the wide prevalence

Documents
SECURITY CONCERNS OVERCOME: CUSTOMERS MOVING TO SAAS€¦ · migrate core enterprise applications to the cloud. SAAS VENDORS TAKE SECURITY SERIOUSLY ... has to be able to trust in

SECURITY CONCERNS OVERCOME: CUSTOMERS MOVING TO SAAS€¦ · migrate core enterprise applications to the cloud. SAAS VENDORS TAKE SECURITY SERIOUSLY ... has to be able to trust in

Documents
Adapt. Improvise, Overcome

Adapt. Improvise, Overcome

Documents
ENABLING THE RURAL POOR TO OVERCOME POVERTY Gender and Household Food Security

ENABLING THE RURAL POOR TO OVERCOME POVERTY Gender and Household Food Security

Documents
Overcome Your Small List Overcome Being a ‘Newbie’ Overcome Lack of Experience

Overcome Your Small List Overcome Being a ‘Newbie’ Overcome Lack of Experience

Documents
TOGETHER WE OVERCOME

TOGETHER WE OVERCOME

Documents
Overcome the hurdles_tla_04.18.12

Overcome the hurdles_tla_04.18.12

Education
Applying Lean Principles to Overcome Challenges of Software Security in Agile Mode of Operation

Applying Lean Principles to Overcome Challenges of Software Security in Agile Mode of Operation

Documents
Real LOVE ovecomes evil with good! Rom.1-3. Overcome Evil with Good Do not be overcome by evil, But overcome evil with good. Do not be overcome by evil

Real LOVE ovecomes evil with good! Rom.1-3. Overcome Evil with Good Do not be overcome by evil, But overcome evil with good. Do not be overcome by evil

Documents
Strategies to Overcome: --Limited Staff & Resources, --Stakeholders with Competing Missions --Security & Privacy Challenges

Strategies to Overcome: --Limited Staff & Resources, --Stakeholders with Competing Missions --Security & Privacy Challenges

Documents
Overcome Anything

Overcome Anything

Documents
Vocabulary PowerPoint. overcome Cesar Chavez worked hard to overcome, or conquer, hardships

Vocabulary PowerPoint. overcome Cesar Chavez worked hard to overcome, or conquer, hardships

Documents
Top 10 Security Concerns of Windows Mobile (and how to Overcome them)

Top 10 Security Concerns of Windows Mobile (and how to Overcome them)

Business
Overcome fear

Overcome fear

Business
Keating Overcome Paradox

Keating Overcome Paradox

Documents
Overcoming Common Mobile Data Security Hurdlescdn.ttgtmedia.com/.../Mobile+Data+Security+Guide.pdfonly heighten your mobile data security, but overcome common hurdles. In this exclusive

Overcoming Common Mobile Data Security Hurdlescdn.ttgtmedia.com/.../Mobile+Data+Security+Guide.pdfonly heighten your mobile data security, but overcome common hurdles. In this exclusive

Documents
How to overcome BYOD security implications

How to overcome BYOD security implications

Technology
2013 Technology Holiday Shopping QuickPulse Survey Bob ODonnell, Founder and Chief Analyst

2013 Technology Holiday Shopping QuickPulse Survey Bob ODonnell, Founder and Chief Analyst

Documents
Working to Overcome - University of Huddersfield Repositoryeprints.hud.ac.uk/24666/1/full_ash_pack_2015_June__2015.pdf · Working to Overcome Anxiety ... help you overcome your fears

Working to Overcome - University of Huddersfield Repositoryeprints.hud.ac.uk/24666/1/full_ash_pack_2015_June__2015.pdf · Working to Overcome Anxiety ... help you overcome your fears

Documents
Overcome your-fear

Overcome your-fear

Education
Overcome Procrastination

Overcome Procrastination

Education
Intellectual Property Survey Q2_2014. Purpose & Method Purpose: InsideCounsel conducted a QuickPulse survey to gain a deeper understanding of intellectual

Intellectual Property Survey Q2_2014. Purpose & Method Purpose: InsideCounsel conducted a QuickPulse survey to gain a deeper understanding of intellectual

Documents
How to Overcome Content Security Concerns in the Cloud

How to Overcome Content Security Concerns in the Cloud

Technology
Security Intelligence - Can Big Data Analytics Overcome Blind Spots - Logrhythm

Security Intelligence - Can Big Data Analytics Overcome Blind Spots - Logrhythm

Documents
THE WOMEN, PEACE AND SECURITY AGENDA … · The objective of the Women, Peace and Security Agenda is to overcome these deficits through a gender-equitable domestic and foreign policy

THE WOMEN, PEACE AND SECURITY AGENDA … · The objective of the Women, Peace and Security Agenda is to overcome these deficits through a gender-equitable domestic and foreign policy

Documents