Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
8/15/2017
09:00 AM
Amy James
Amy James
Partner Perspectives
50%
50%

In Search of the Security Unicorn: Unified, Adaptive Defense

How enterprises can get an edge over innovative cybercriminals by creating a cycle of continual security posture adjustment within their own organizations.

Over the years, we’ve seen a lot of security tools come and go, while, at the same time, cybercriminals have built massive organizations that are operated with all the bells and whistles of a major corporation. According to Cybersecurity Ventures, the costs of cybercrime will grow to $6 trillion by 2021. That’s more than the GDP of a number of countries.

As a result of this explosive cybercrime growth, attackers can fund technology innovation that makes their endeavors more efficient and more destructive. One of their favorite and most cost-effective tactics is the adaptive exploit. This is malware that has been around for some time, then gets tweaked with a minor modification which makes it appear as 'never before seen.' It is both difficult to detect and very successful.

With all this dark side innovation, enterprise cyber defense is being soundly challenged.  One reason is because legacy security tools were built to solve a particular problem at a particular point in time. As threat conditions change, those aging tools do not. A lot of this has to do with the static nature of hardware and the labor-intensive nature of manually created policies. But even if a company conducts a rip- and-replace security refresh with the latest and greatest next generation stateful firewalls and advanced malware services, defense can be compromised if the enforcement policies that feed the solution are out of date or incomplete. Also, because these kinds of refreshes are expensive and time consuming, some companies put them off, which leads to unintended vulnerabilities. Ultimately, when these solutions are replaced with devices and capabilities similar to their predecessors, cybercrime innovation will again outperform the new system, continuing the cycle of security gaps.

Empowering Security with Automation

Take a page from our adversaries’ book and empower your cybersecurity solution with an adaptability engine that keeps protection current with dynamically generated enforcement directives created on the fly from real time intelligence on new threats entering the network -- and from the threat conditions already inside the network. As part of this protection ecosystem, orchestration of advanced enforcement policies is automated so that when conditions change, the enforcement adapts.

You’ll still have a network comprised of firewalls, switches and other devices from multiple vendors, but they will be unified in protecting your organization through a centralized point of data collection, processing and learning resulting in an agile security platform able to react to new threats in real time and predict future threat activity.

A truly adaptive and unified security platform will give organizations the edge over innovative cybercrime because it knows what matters most at any given moment in the threat environment, and can anticipate what happens next, creating a cycle of continual security posture adjustment.

This concept is not that new but it is one that few security providers have been able to deliver. For one reason, success in this arena requires open architectures with many integration hooks. With rigid frameworks, enterprises can find themselves locked into a specific vendor. Furthermore, according to a 2015 ZK Research Security Survey, with the average large enterprise operating with more than 32 security vendors in its environment, it may be near impossible for organizations to engineer a unified front. As you think about what comes next for your cybersecurity strategy, it is crucial to choose an approach that is built from the ground up to be adaptive, unified and effective. 

Amy James is a key security thought leader at Juniper Networks in her role as Lead Portfolio Marketing Manager for Security. She analyzes trends and conditions in the cybercrime climate to drive the narrative for Juniper's security portfolio. Out of her roots in email ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
It Takes an Average of 3 to 6 Months to Fill a Cybersecurity Job
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/12/2019
Cybercriminals Think Small to Earn Big
Dark Reading Staff 3/12/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: LOL  Hope this one wins
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.