Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
8/15/2017
09:00 AM
Amy James
Amy James
Partner Perspectives
50%
50%

In Search of the Security Unicorn: Unified, Adaptive Defense

How enterprises can get an edge over innovative cybercriminals by creating a cycle of continual security posture adjustment within their own organizations.

Over the years, we’ve seen a lot of security tools come and go, while, at the same time, cybercriminals have built massive organizations that are operated with all the bells and whistles of a major corporation. According to Cybersecurity Ventures, the costs of cybercrime will grow to $6 trillion by 2021. That’s more than the GDP of a number of countries.

As a result of this explosive cybercrime growth, attackers can fund technology innovation that makes their endeavors more efficient and more destructive. One of their favorite and most cost-effective tactics is the adaptive exploit. This is malware that has been around for some time, then gets tweaked with a minor modification which makes it appear as 'never before seen.' It is both difficult to detect and very successful.

With all this dark side innovation, enterprise cyber defense is being soundly challenged.  One reason is because legacy security tools were built to solve a particular problem at a particular point in time. As threat conditions change, those aging tools do not. A lot of this has to do with the static nature of hardware and the labor-intensive nature of manually created policies. But even if a company conducts a rip- and-replace security refresh with the latest and greatest next generation stateful firewalls and advanced malware services, defense can be compromised if the enforcement policies that feed the solution are out of date or incomplete. Also, because these kinds of refreshes are expensive and time consuming, some companies put them off, which leads to unintended vulnerabilities. Ultimately, when these solutions are replaced with devices and capabilities similar to their predecessors, cybercrime innovation will again outperform the new system, continuing the cycle of security gaps.

Empowering Security with Automation

Take a page from our adversaries’ book and empower your cybersecurity solution with an adaptability engine that keeps protection current with dynamically generated enforcement directives created on the fly from real time intelligence on new threats entering the network -- and from the threat conditions already inside the network. As part of this protection ecosystem, orchestration of advanced enforcement policies is automated so that when conditions change, the enforcement adapts.

You’ll still have a network comprised of firewalls, switches and other devices from multiple vendors, but they will be unified in protecting your organization through a centralized point of data collection, processing and learning resulting in an agile security platform able to react to new threats in real time and predict future threat activity.

A truly adaptive and unified security platform will give organizations the edge over innovative cybercrime because it knows what matters most at any given moment in the threat environment, and can anticipate what happens next, creating a cycle of continual security posture adjustment.

This concept is not that new but it is one that few security providers have been able to deliver. For one reason, success in this arena requires open architectures with many integration hooks. With rigid frameworks, enterprises can find themselves locked into a specific vendor. Furthermore, according to a 2015 ZK Research Security Survey, with the average large enterprise operating with more than 32 security vendors in its environment, it may be near impossible for organizations to engineer a unified front. As you think about what comes next for your cybersecurity strategy, it is crucial to choose an approach that is built from the ground up to be adaptive, unified and effective. 

Amy James is a key security thought leader at Juniper Networks in her role as Lead Portfolio Marketing Manager for Security. She analyzes trends and conditions in the cybercrime climate to drive the narrative for Juniper's security portfolio. Out of her roots in email ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Facebook Aims to Make Security More Social
Kelly Sheridan, Associate Editor, Dark Reading,  2/20/2018
SEC: Companies Must Disclose More Info on Cybersecurity Attacks & Risks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  2/22/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.