Partner Perspectives  Connecting marketers to our tech communities.
SPONSORED BY
8/15/2017
09:00 AM
Amy James
Amy James
Partner Perspectives
50%
50%

In Search of the Security Unicorn: Unified, Adaptive Defense

How enterprises can get an edge over innovative cybercriminals by creating a cycle of continual security posture adjustment within their own organizations.

Over the years, we’ve seen a lot of security tools come and go, while, at the same time, cybercriminals have built massive organizations that are operated with all the bells and whistles of a major corporation. According to Cybersecurity Ventures, the costs of cybercrime will grow to $6 trillion by 2021. That’s more than the GDP of a number of countries.

As a result of this explosive cybercrime growth, attackers can fund technology innovation that makes their endeavors more efficient and more destructive. One of their favorite and most cost-effective tactics is the adaptive exploit. This is malware that has been around for some time, then gets tweaked with a minor modification which makes it appear as 'never before seen.' It is both difficult to detect and very successful.

With all this dark side innovation, enterprise cyber defense is being soundly challenged.  One reason is because legacy security tools were built to solve a particular problem at a particular point in time. As threat conditions change, those aging tools do not. A lot of this has to do with the static nature of hardware and the labor-intensive nature of manually created policies. But even if a company conducts a rip- and-replace security refresh with the latest and greatest next generation stateful firewalls and advanced malware services, defense can be compromised if the enforcement policies that feed the solution are out of date or incomplete. Also, because these kinds of refreshes are expensive and time consuming, some companies put them off, which leads to unintended vulnerabilities. Ultimately, when these solutions are replaced with devices and capabilities similar to their predecessors, cybercrime innovation will again outperform the new system, continuing the cycle of security gaps.

Empowering Security with Automation

Take a page from our adversaries’ book and empower your cybersecurity solution with an adaptability engine that keeps protection current with dynamically generated enforcement directives created on the fly from real time intelligence on new threats entering the network -- and from the threat conditions already inside the network. As part of this protection ecosystem, orchestration of advanced enforcement policies is automated so that when conditions change, the enforcement adapts.

You’ll still have a network comprised of firewalls, switches and other devices from multiple vendors, but they will be unified in protecting your organization through a centralized point of data collection, processing and learning resulting in an agile security platform able to react to new threats in real time and predict future threat activity.

A truly adaptive and unified security platform will give organizations the edge over innovative cybercrime because it knows what matters most at any given moment in the threat environment, and can anticipate what happens next, creating a cycle of continual security posture adjustment.

This concept is not that new but it is one that few security providers have been able to deliver. For one reason, success in this arena requires open architectures with many integration hooks. With rigid frameworks, enterprises can find themselves locked into a specific vendor. Furthermore, according to a 2015 ZK Research Security Survey, with the average large enterprise operating with more than 32 security vendors in its environment, it may be near impossible for organizations to engineer a unified front. As you think about what comes next for your cybersecurity strategy, it is crucial to choose an approach that is built from the ground up to be adaptive, unified and effective. 

Amy James is a key security thought leader at Juniper Networks in her role as Lead Portfolio Marketing Manager for Security. She analyzes trends and conditions in the cybercrime climate to drive the narrative for Juniper's security portfolio. Out of her roots in email ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.
CVE-2018-11472
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
CVE-2018-11473
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
CVE-2018-11474
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.
CVE-2018-11475
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.