Evolving Cyber Security Attacks Bypass Legacy Protective Measures

Q&A with Ernest Dunn, Presidio and Peter Romness, Cisco
08/12/14 at 06:36 am

To help our customers find out about the latest trends in cyber security and the measures they must now take to protect their businesses, Presidio recently interviewed Ernest Dunn, our Director of Secure Networks, as well as Peter Romness—Cisco’s Cyber Security Business Development Manager for the Public Sector. The valuable insights that Ernest and Peter provided appear below:

What cyber security trends are you seeing right now?

Dunn: We’ve seen the number of cyber attacks grow at an alarming rate. Every year, attacks amount to a $400 billion problem for organizations, and the attacks now hit a different tier of business than we saw in the past—literally impacting almost every type of customer we work with. The attackers use a variety of interesting techniques and are becoming more sophisticated in the ways they target and attack our customer base. 

What techniques do attackers rely on to compromise organizations?

Romness: Hackers rely on many techniques, but one that is very common for penetrating business infrastructures is phishing—either through email or through website scams where they try to trick end-users into clicking on a malicious link. Once hackers gain access to a network through phishing, they then use many techniques. What we primarily see, and what is now the big buzzword in the industry, are advanced persistent threats. These threats truly are more advanced in terms of the havoc they can cause within the IT infrastructure and applications of a business.

Why do legacy controls like firewalls and antivirus solutions fall short?

Dunn: Firewalls and antivirus solutions lack the ability to protect customers from modern cyber attacks because they were designed in a different time. Firewalls were originally designed to protect a select group of devices on an enterprise network while antivirus tools target attacks that go through those firewall defenses. Now, with the ever-increasing mobility of organizations and their end-users, those borders are blurring, and firewalls are not as effective as they used to be. Many end users use their laptops, tablets and smartphones outside of their company’s security perimeters for significant amounts of time each day, so this represents a major risk for businesses of all sizes.

What do customers struggle with in relation to security?

Dunn: Cyberattack threats have increased to the point where our customers feel they need to allocate time from all levels of their organization to successfully address the issue. For example, when we work with customers on assessments, it’s very common for the board of directors to attend the meetings. They want to understand the risk to their organizations, and for some customers, the attacks have caused significant damage to their business and their reputation. Our customers tend to struggle with their lack of understanding of the threats—when they think of cyber security, they think about what they hear about in the news. But if you ask them what the real threats are and the damage they can cause, they don’t seem to know.

Romness: If you talk to business managers, they struggle contending with their board of directors and their customers, who all want to know, “What are you doing about cyber security?” Managers also are not sure where to turn to, with multiple vendors offering the “latest and the greatest” solution. Cisco actually has some large customers working with more than 80 vendors that only provide cyber security services for the data center. Many customers are simply overwhelmed.

How can customers better protect themselves from modern attacks?

Romness: Attackers can use many different methods to get in and do their damage, so a multi-tiered approach is needed. While the traditional methods such as firewalls, intrusion prevention, email and web protection are still needed and effective, the most advanced threats still get in. Advanced protection methods monitor network activity and detect anomalous behavior in an automated process. They also track all traffic, allowing threats to be removed retrospectively.

Cisco is thought of by many as a routing and switching company. What should customers know about Cisco’s cyber security offerings to change that perception?

Dunn: Here at Presidio, we emphasize how Cisco is the only vendor in the security space that offers a comprehensive cyber security portfolio covering the entire attack continuum. Cisco provides protection for networks, data centers and the cloud. They also offer solutions for protecting mobile devices and endpoints—there’s really no other manufacturer that can match the breadth Cisco offers.

Romness: For the few parts of cyber security that we don’t cover, we work very well with partners, such as Presidio, that can bring all of the pieces together and provide a complete solution to our customers.

What services and solutions does Presidio offer that can help customers protect their businesses?

Dunn: When it comes to cyber security, the power of the Presidio/Cisco partnership comes from the breadth of security services and the combined solutions we offer to provide protection from advanced attacks. Between our two companies, we work with some of the largest and most recognizable organizations in the world—federal, state and local governments, Fortune 100 companies as well as organizations with 500 seats. No matter the business size, we provide a level of security that’s appropriate for each business.


WATCH MORE of Ernest and Peter's take on Cyber Threats here: https://www.youtube.com/watch?v=AIaH5H2t6RQ&list=UUFiRYYo7EyMpX-YEj0Kholg

LEARN MORE about Presidio's Cyber Security solutions here - http://www.presidio.com/technologies-trends/technologies/security