To help our customers find out about the latest trends in cyber security and the measures they must now take to protect their businesses, Presidio recently interviewed Joe Leonard, VP Cyber Security Solutions, and Ernest Dunn, Director of Secure Networks. Their valuable insights provided appear below:
What cyber security trends are you seeing right now?
Leonard: Daily or weekly we’re hearing about the latest breach and the impact it had on an organization. Presidio has noticed a trend where senior executives are being engaged by their board members to find out what is the strategy is to protect their organization. In many cases, the customers are unsure on what actions they should take to develop the strategy.
What are your thoughts when you hear a customer say, “I don’t know what I don’t know”
Leonard: I have customers look at the CIS Top 20 Critical Security Controls and I tell them to focus on the top 5 controls. I go over why not knowing could lead to a bad outcome. The CIS Top 5 Controls focus on Foundational Cyber Hygiene. It is very important to know; (1) what devices are connected to the network, (2) what applications exist and are vulnerable, (3) how to implement secure configurations, (4) what vulnerabilities exist in the environment and (5) who has admin access to critical systems. If you don’t know the answers for the top 5 controls you should be concerned and your organization could be at high risk.
What techniques do attackers rely on to compromise organizations?
Leonard: Hackers rely on many different techniques, but the most common method for penetrating business infrastructures is through email phishing attacks where they try to trick end-users into clicking on a malicious link. Once a hacker gains access, they look for ways to laterally expand their access to other system resources. What we primarily see, and is now the big buzz word in the industry, are Advanced Persistent Threats (APT). These threats truly are more advanced in terms of the havoc they can cause within the IT infrastructure and applications of a business.
What do customers struggle with in relation to security?
Dunn: Cyberattack threats have increased to the point where our customers feel they need to allocate time from all levels of their organization to successfully address the issue. For example, when we work with customers on assessments, it’s very common for the board of directors to attend the meetings. They want to understand the risk to their organizations, and for some customers, the attacks have caused significant damage to their business and their reputation. Our customers tend to struggle with their lack of understanding of the threats—when they think of cyber security, they think about what they hear about in the news. But if you ask them what the real threats are and the damage they can cause, they don’t seem to know.
Why do legacy controls like firewalls and antivirus solution fall short?
Dunn: Firewalls and antivirus solutions lack the ability to protect customers from modern cyber-attacks because they were designed in a different time. Firewalls were originally designed to protect a select group of devices on an enterprise network while antivirus tools target attacks that go through those firewalls defenses. Now, with the ever-increasing mobility of organizations and their end-users, those borders are blurring, and firewalls are not as effective as they used to be. Many end users use their laptops, tablets and smartphones outside of their company’s security perimeters for significant amounts of time each day, so this represents a major risk for businesses of all sizes.
Cisco is thought of by many as a routing and switching company. What should customers know about Cisco’s cyber security offerings to change that perception?
Dunn: Here at Presidio, we emphasize how Cisco is the only vendor in the security space that offers a comprehensive cyber security portfolio covering the entire attack continuum. Cisco provides protection for networks, data centers and the cloud. They also offer solutions for protecting mobile devices and endpoints—there’s really no other manufacturer that can match the breadth Cisco offers.
What services and solutions does Presidio offer that can help customers protect their businesses?
Dunn: When it comes to cyber security, the power of the Presidio/Cisco partnership comes from the breadth of security services and the combined solutions we offer to provide protection from advanced attacks. Between our two companies, we work with some of the largest and most recognizable organizations in the world—federal, state and local governments, Fortune 100 companies as well as organizations with 500 seats. No matter the business size, we provide a level of security that’s appropriate for each business.
Leonard: Many of our customers are looking for a solution to address today’s cyber security challenges. Presidio has developed a Next Generation Risk Management (NGRM) program that provides continuous risk management. The NGRM program consists of yearly and quarterly baseline assessments and remediation, compromise assessments, architecture analysis and roadmap, governance (NIST Cyber Security Framework and ISO27001/2) and architecture design and implementation services. Presidio also partners with Cisco Systems to include their Active Threat Analytics (ATA) Managed Services and Incident Response (IR) services to strengthen the services offering.