Securing the Digital Transformation

Key Takeaways from Cisco Live Berlin 2017

by Ron Meyran

Digital Transformation is the Core of Every Business

2016–2017 introduced the era of Digital Transformation. Digital transformation is the change associated with the application of digital technology in all aspects of human society. Digital transformation inherently enables new types of innovation and creativity to increase business competency rather than simply going paperless.

Ruba Borno PhD, Vice President Cisco Growth Initiatives, shared Cisco’s vision that the only future-proofed solution for digital transformation is a next-generation secure network. Security is no longer static, and securing all the organization’s access points is no simple task. IoT, a mobile workforce, cloud applications and the increased sophistication of attackers and attack methods require better preparation. Organizations need to fundamentally change how they build, manage and secure networks.

Digital transformation was the apparent theme across this year’s Cisco Live Berlin. With security becoming the key enabler for any organization’s IT investment, this paper covers the key trends in securing the digital transformation, along with new solution announcements covered at Cisco Live Berlin 2017.

Attackers Are Relentless; Defenders Are Tired

Attackers have infinite time to plan their next attack: choose a victim, gather intelligence, select the right attack tools, test them, coordinate an attack and then launch the attack at their convenience. There are plenty of attack tools available on the Clearnet and the Darknet, and there are plenty of opportunities to strike again and again until they succeed.

Defenders, on the other hand, have to overcome every attack attempt. They do not have a second chance. They have a limited budget, their job is at stake, and they need to keep up with education, training, selecting the right solutions and maintaining an effective security posture.

This is where the difference between detection and protection becomes critical. To protect against attacks you need first to detect that you are under attack. Security solutions often focus on shortening the time to detect. Yet, they also need to shorten the time to protect — this is where automation becomes important. Solutions that automate more stages of the attack lifecycle will be more successful in dealing with the more dynamic, automated attacks organizations experience today.

Ransomware Becomes a Major Threat

I urge you to watch “Ransomware — an anatomy of an attack.” This video, played at multiple Cisco Live sessions, provides insight into an attacker’s daily work. It is about the details. The attacker does not need to develop any tool or software. They only need to select the right tools from an endless variety and use them smartly.

DDoS attacks have also joined the mix of ransom attacks by slowing down organization operations and even completely shutting down their online presence.

What can you do against ransomware? Although widely discussed during multiple sessions at Cisco Live Berlin 2017, I have not seen a solution that is truly designed to address this threat. Cisco speakers discussed a multi-layered security approach where they highlighted some capabilities in their solutions that can help improve a business’s security posture against the ransom threat.

What can you do to fight this threat? As always, prevention is the key. And prevention is about education, education and again — education. Attackers harness multiple social engineering techniques to lure employees into opening unsolicited emails and downloading software updates. You need to be more suspicious and ask yourself beforehand whether this is a safe operation.

DDoS Attacks Are On the Rise

We know how to protect endpoints — desktops, laptops and other mobile devices. We know how to protect our enterprise network. We use firewalls, intrusion prevention systems, anti-virus, anti-malware and other perimeter network security solutions.

What we do not know is how to protect infrastructure against DDoS attacks. Data centers, service providers and cloud providers are all vulnerable to network flood attacks. The recent Dyn attack and the celebrity Mirai botnet are clear reminders that we need to get ready.

IoT is a real threat. We are adding 1 million devices per hour to the internet, and the majority of them are directly accessible with no or limited security measures. A 1 terabit-per-second DDoS attack is expected this year (2017).

We need to think differently. DDoS attacks are not a problem of specific organizations. They are a problem of the community. Attack mitigation should start at the service providers’ network and extend to the enterprise data center. It should be simpler and more manageable.

Read more: http://ow.ly/76mF309rgRs