Get to know us better! Gain valuable insights into how we think by visiting our blog, or take a look at the industry events we're frequenting on our events page. You can also geek out with us by attending one of our security management webinars, or dive head first into the products and solutions we provide in our Resource Library. There's lots to keep you busy!
Unless you’re under a rock, you know that the WannaCry Ransomware cyberattack swept worldwide headlines last week.
Organizations scrambled to apply the latest Microsoft security patch to their computers to prevent the spread of the attack. It’s estimated that the ransomware attack hit more than 300,000 victims in 150 countries.
The story regarding the DDoS attack against Dyn DNS certainly got my attention this morning. Dyn DNS provides DNS managed services for its clients. Familiar names like Twitter, Github, Airbnb and Reddit all appeared to have been impacted. One could draw a conclusion that they were clients of Dyn DNS.
DDoS is not a new form of attack in and of itself. But the methods and strategies around DDoS continue to evolve in the form of larger and more orchestrated attacks. Often, the measure of the level of sophistication of a DDoS attack comes in the form of measured throughput. The attack details are not yet known in this particular attack, but the recent attack against the Krebs security blog is reported to be upwards of 620 Gbps. That is a tremendous amount of data coming at a target all at once.
What causes me to pause and reflect most in regards to this attack and others like it, is that Dyn DNS is a DNS SaaS provider. Their core job is to host and manage DNS services for its clients. The impact and harm has a ripple effect attributed to the various customers Dyn services. As attackers evaluate their targets, and organizations run toward the proverbial cloud for various reasons, it introduces interesting targets for the bad guys.
So what can be done? First, evaluating your dependency on your cloud providers remains a task you cannot outsource. Begin to plan for situations where cyber attacks against you may never be directed at you, but rather organizations you've come to rely on. In the case of this attack and DNS, having a secondary DNS service operating at the same time may have mitigated the impact, even when the primary provider goes down. This is where cloud governance becomes a critical element of a CISO's security program.
So you’ve purchased a new firewall. Now what?
You’ve got to decide which access is allowed, which isn’t allowed and whether or not rules are compliant with internal and regulatory standards.
Things are running along smoothly and then the dreaded “change.” A user submits a new access request and the fun begins. Is this access necessary? Safe? Compliant? And what happens when it’s time to retire unused rules?
How Effective Security Management Can Help Teams Cover the Exponentially Increasing Gap between Technology & the Resources Available to Manage It
Security teams today are under tremendous pressure due to the rising frequency and impact of breaches and a business that wants to move faster and faster. The answer to both of these challenges has always been to add more technology and staff resources.
However, each new technology added creates complexity. More rules are created and more data is generated. As networks continue to evolve, this complexity will only grow. And while staff resources may increase, they will never match the exponential growth of technology.
FireMon calls this phenomenon The Complexity Gap and has set out to help security teams close it.
Join us for this webinar with Frost & Sullivan where we’ll explore the causes of “The Gap” and how workforce multipliers such as intelligence and automation help staff manage their security more efficiently and more effectively.
Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure
Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption to the new technology. But NGFWs aren’t a fix-all solution.