Enterprise security used to be simple: All your corporate assets were housed on-premise, the only leaks came from within. External threats had to climb the ramparts of your digital fortress; the higher you built your walls, the more difficult it would be to penetrate.
Now, with virtualization, cloud, and BYOD, those corporate assets that were nestled safely within the walls of your digital fortress are now venturing across the draw bridge and into the open air. Or, even worse, are your employees inviting these threats into your network like a Trojan Horse?
How prepared is your IT for the future of business productivity? Ask yourself these three basic questions:
1. What does the cyber threat landscape look like?
There are several trends shaping the enterprise security market:
Evolving threat landscape – Data and analytics critical to scale
- 2014 had an all-time high of 24 discovered zero-day vulnerabilities
- Top 5 zero-days left companies without a patch for 295 days
Rapid shift to mobile and internet of things (IoT) – Resurgence of Endpoint
- 113% increase in “ransomware,” resulting in 45x more devices held hostage
- IoT risks rising – 20% of apps used on connected devices leave personal information vulnerable. Today attacks hit ATMs and home routers; tomorrow's targets are cars, medical devices and street signals.
Increasing cloud adoption – Perimeter irrelevant; data protection is the mandate
- 28% of malware was Virtual Machine Aware
Lack of security skills – growth in “Security as a Service”
- 60% of all targeted attacks struck the SMB space
- 5 out of 6 large companies attacked; a 40% increase over 2013
- More than 317 million new pieces of malware created last year; 1 million new threats created daily
Cybersecurity – Governments/regulators playing ever larger roles
- Healthcare up 37% -- *4th year in a row for reporting the largest number of data breaches.
- Retail up 11% -- *Responsible for 59 percent of all identities exposed in 2014 (1B in last 2 years)
- Education up 10%
- Government up 8%
- Financial up 6% -- *Responsible for 23 percent of all identities exposed in 2014
2. What does that mean to me as an IT professional?
In order to feel save and confident in moving business forward despite these digital threats, IT must develop a strategy that centers around 4 key pillars:
Advanced Threat Protection (endpoint security, datacenter security, and gateway security) that expands from the traditional protection posture to detection and response. It includes swift response to advanced threats such as APTs and zero day attacks that require pro-active detection and the fastest remediation across all control points -- with the fewest false positives.
Information Protection for On-premise and Cloud (data loss prevention, encryption, VIP, PKI, and access management) that moves beyond the on premise / PC-centric world to Cloud and Mobile. In particular, our strategy is to ensure protection of data and identities regardless of where the data resides: on premise, in transit, or in the cloud.
Security as a Service to help organizations manage their security environments that goes beyond the traditional monitoring service and offers incident response, applied intelligence, and security simulation services.
Unified Security Analytics to convert an unparalleled amount of generated telemetry into actionable intelligence.
3. What do I need to do to prepare myself?
You have already taken the first step: Educating yourself for this ensuing threat to your IT infrastructure. If you found any of the above statistics or services relevant to your current needs, we encourage you to click the banner below and contact a SoftwareONE Symantec expert.
Related blog posts: