SlideShare una empresa de Scribd logo

Internet gateway security: A state of the nation 2014 [whitepaper]

Icomm Technologies
Icomm Technologies

Internet Gateway Security is put into place to protect businesses against the potential security impact of modern technology trends. Yet in our recent survey we found that out of 500 IT Executives, one in seven of hadn't updated their gateway security systems since 2009! In fact over half a million UK businesses are potentially exposed to security attacks with old or untested gateway security. In this whitepaper we go over what is meant by internet gateway security, how cyber-threats have changed over the years and the three core pillars of defence against these attacks. To download the full paper visit: http://www.icomm.co.uk/Announcement-Modal-Pages/SonicWALL-Firewall-Whitepaper.aspx

Tecnología
1 de 8
Descargar para leer sin conexión
Internet Gateway Security: A state of the nation 2014 Executive Summary With cyber attack methods growing increasingly sophisticated many traditional internet gateway solutions are no longer t for purpose. This whitepaper reveals just how many organisations are leaving themselves vulnerable to cyber criminality by keeping hold of their legacy rewall. We also examine how modern gateway security is providing an appropriate defence to these more complex threats and discuss what organisations should consider when refreshing this technology. [4283/FIREWALLWP/20140814/LH] 0121 248 7931 www.icomm.co.uk Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. White Paper
Internet Gateway Security: A state of the nation 2014 White Paper of SMBs lack knowledge of firewall refresh cycles Approximately 782,240 UK businesses are at risk with old or untested firewall technology 2 Introduction Barely a week goes by without the media reporting a new cyber threat which is capable of causing havoc. There are constant warnings of various forms of sophisticated malware which have already infected thousands of computers across the UK. GameOver Zeus, Cryptolocker and Shylock are just a few to hit the headlines this year. Once networks are infected, these types of malware can give cybercriminals the ability to steal corporate, personal or nancial details, encrypt les and hold them for ransom or extort money from companies through denial of service (DoS) attacks. The exact nature of the threats detailed in these media reports may change but the accompanying quote from a relevant security expert is always the same, ‘in order to protect yourself, keep your security defences up to date’. The three core pillars of those defences include end point protection, gateway defence and software patch updates. Companies may be updating their client anti-virus and are regularly patching software, but the Icomm Technologies Survey 2014 has revealed too many organisations are failing to address the nal pillar by not upgrading their rewalls as part of their internet gateway security. In recent years cybercriminals have evolved their tactics in order to evade detection by traditional rewall defences. Yet in many cases, the companies they target have not all kept pace with this and some are still relying on legacy solutions which are no longer t for purpose. These organisations now need a next generation rewall which has the capability to go deeper and inspect all tra c, regardless of the port and protocol. A modern rewall solution can inspect even encrypted tra c and detect those threats. Next generation rewalls are now also protecting businesses against the potential security impact of modern technology trends, such as the consumerisation of IT and cloud computing. These solutions can also provide granular control over website and application usage, to ensure bandwidth is always available for the most critical business functions. ? Many organisations are not upgrading their firewalls one sixth of companies have never tested their firewall Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
Internet Gateway Security: A state of the nation 2014 White Paper A firewall older than 3 years is not fit for purpose BUSINESSES small 3 Next generation fi rewall: an imperative It is a disturbing fact that the methods deployed by cyber criminality will continue to become more sophisticated. As a result, no one is 100% safe from attack. Even the biggest technology rms such as Microsoft, Apple and Facebook - who you would think could adequately defend themselves - have admitted to breaches. From a nancial and reputational perspective, the consequences of these attacks can be huge. In one of the largest global incidents to date, US retail giant Target saw the personal and nancial details of up to 110 million customers compromised. It is not just large companies being targeted, however. Research, by security rm Symantec, has shown that 30% of all global cyber attacks are actually aimed at small businesses - where defences are perceived to be weaker. Smaller targets may be less lucrative to cybercriminals but it requires less e ort to attack several soft targets than one which is large and well protected. The security solution The persistence of the threat, coupled with the increased complexity of these attacks, has meant modern rewalls are now required to do much more than simply check where tra c is coming from and going to. Cybercriminals have now found ways to con and trick their way around these traditional defences. “What is needed is deep packet inspection and that is what a next generation rewall provides - it digs further down to check for a virus or an intrusion,” said Mark Lomas, IT consultant at Icomm Technologies. “If you have not refreshed your rewall within the last three years the chances are that you are using a legacy rewall which is no longer t for purpose.” In response to these evolving threats, security rms have rolled out rewalls in the last few years which o er a more advanced defence. As cybercriminals are now capable of smuggling malware passed traditional rewalls by burying it within encrypted tra c, these solutions now provide SSL decryption and inspection. “Today, up to 35% of enterprise tra c is secured using the Secure Sockets Layer (SSL) protocol. Cybercriminals know this, and they have begun to use SSL to hide their attacks. Organisations which are still relying on legacy rewalls with no or limited SSL Inspection capabilities can be compromised,” said Florian Malecki, International Product Marketing Director at Dell Security. No one is 100% safe from attack. 30% of all global cyber attacks are aimed at Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
Internet Gateway Security: A state of the nation 2014 4 Case Study One potential consequence of sticking with your legacy fi rewall Icomm Technologies was privy to a damaging cyber attack on a small business, which had been taking an ‘if it’s not broke, don’t x it’ approach to rewalls. With a legacy solution in place, which was incapable of deep packet inspection, the company’s defences proved ine ectual against the attack. The company later approached Icomm for help. The business found itself at the mercy of an aggressive hacker who encrypted vital les and promised to expose sensitive information to the company’s entire email contact book unless £500 was paid into a speci ed bank account. A word le left on the business owner’s computer read, ‘You have been hacked’. Inside a menacing message threatened: “I do not require to do much more work on my part to ruin you.” The hacker, who was clearly well practised in this form of extortion, cheekily demanded that the business quote a reference number when making their payment. This situation could have been avoided if the business had upgraded to a next generation rewall beforehand. have no plans to, or claim they will never, update their firewall 29% White Paper Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
Internet Gateway Security: A state of the nation 2014 White Paper 5 Too many still at risk As more high pro le cyber attack incidents have hit the headlines, there has been a dawning realisation within organisations that they really need to take cyber security seriously. The Icomm Technologies Internet Gateway Security Survey, which was conducted with more than 500 IT executives within small and medium sized businesses (SMBs) in the UK, revealed that most have taken action by refreshing their rewall. The study showed that 61% rms have upgraded their rewall protection within the last 30 months - 41% have done so within the last 18 months. However, the results also reveal that many organisations are still relying on traditional solutions. The survey found 14% of organisations have not, or are unsure whether they have, upgraded their rewall since 2009. This means one in every seven SMBs in the UK is likely to have inadequate protection against the attack methods currently being deployed by cyber criminals. Testing It is one thing to deploy a next generation rewall but it is another checking the solution is actually doing its job. It is recommended that companies check their rewall with penetration testing at least once a year on average. For companies storing sensitive information, such as their customer’s personal or nancial details, this might take place quarterly. “A lot of people seem to think because they have a rewall they are fully protected when they might not have the right policies in place. Penetration testing is important to ensure everything is working as it should,” said Malecki. “As Verizon’s recent Data Breach survey has shown, when a business is compromised it can be a long time before that is discovered and quite often it is the third parties doing these penetration tests that are the ones who are nding these breaches.” The Icomm survey found that more than three quarters (77%) of SMBs do carry out a penetration test at least once a year - almost half (48%) test twice a year or even more frequently. However, the study found that a worrying 16% have never tested their firewall. This means that nearly one in every six SMBs in the UK has no way of knowing whether their rewall is working or not. one in six SMBs have never tested their firewall one in seven SMBs have inadequate protection penetration tests should happen at least once a year Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
Internet Gateway Security: A state of the nation 2014 White Paper 6 The refresh cycle Like any element of the IT infrastructure, the rewall protecting an organisation’s network should be refreshed periodically. Companies are advised to upgrade their rewall every three to ve years on average - as they would their servers. This refresh is not just to ensure the solution in place is o ering an adequate defence against evolving threats, it is also about protecting performance. If a company is growing, the organisation needs a rewall that can handle increased tra c and prevent bottlenecks. The Icomm survey revealed the majority of rms acknowledge the need for this refresh and have plans to carry this out within the next ve years. The research did reveal, however, that nearly a third (29%) say they have no plans to, or will never, upgrade their rewall. When asked how often they believed they should refresh their rewall, a quarter (25%) of respondents replied ‘at the end of its life’. Lomas said: “It would be interesting to know when someone thinks their rewall is broken, as it’s not a case of checking whether the lights are on. “If you have a traditional rewall it will not be protecting you in the same way it was when you bought it - so in my eyes it is already broken.” Many refresh their firewall every five years think a firewall doesn’t need refreshing Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
Internet Gateway Security: A state of the nation 2014 White Paper 7 What to consider when upgrading your Firewall It is not unusual for businesses to acquire their rewall solution as an add-on, when buying another solution. This ‘one stop shop’ approach when procuring one of the key pillars in an organisation’s security defences is questionable. The level of integration a rewall needs with other elements of the IT infrastructure is limited. Therefore, the purchasing decision should be independent to any other form of procurement. Organisations are free to deploy a best of breed solution which o ers the deep packet inspection, with decryption and anti-evasion technology, mentioned above. Lomas said: “We would always advocate a consultancy led approach to rewalls as some vendors do o er a greater depth of solution than others. For some, security is their main focus but there are others which are just lling out their portfolios.” Protecting productivity Organisations should also consider technology trends, such as the consumerisation of IT and cloud computing, which can impact on internet bandwidth. Next generation rewalls are capable of protecting an organisation’s bandwidth performance by providing a granular level of control. This allows organisations to manage behaviour on certain websites or applications and specify which teams or individuals are given access. For example, the marketing department may be given permission to promote the business on consumer websites such as Facebook and YouTube but at the same time a next generation rewall can curtail any excessive video streaming or gaming on these platforms. At times when there is excessive demand placed on the internet, a next generation rewall can also take action to protect vital cloud applications and reduce the bandwidth available to non-essential functions. Malecki explains: “If an England football game is on, some companies will be happy to let their sta stream this but if this a ected bandwidth it could prevent access to essential applications such as Salesforce.com or another CRM system. A next generation rewall will, however, allow you to reserve a percentage of the bandwidth for critical applications to ensure the business remains productive at these times.” have no plans to upgrade at all Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
Internet Gateway Security: A state of the nation 2014 Conclusion Firewall manufacturers have been forced into taking some great strides forward in recent years, in response to the nefarious activities of cybercriminals. But with approximately one in seven SMBs still likely to be deploying traditional solutions, it is clear many organisations are still leaving themselves vulnerable to attack. Furthermore, as IT consumerisation and cloud computing threaten to impact on crucial functionality, businesses could well be losing competitive advantage by not deploying next generation solutions which protect productivity. With cyber attacks and internet usage both destined to grow rapidly in the coming years, the third of businesses who have no plans to upgrade their rewall will also need to rethink their approach. Otherwise their performance will su er, or worse still they could leave themselves at the mercy of increasingly sophisticated cybercriminals. For further information and support on refreshing, testing and upgrading your fi rewall, please get in touch with Icomm Technologies on 0121 248 7931 or at www.icomm.co.uk White Paper 0121 248 7931 www.icomm.co.uk Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 8

Recomendados

Icomm agentless-architecture
Icomm agentless-architectureIcomm agentless-architecture
Icomm agentless-architectureIcomm Technologies
 
Icomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm Technologies
 
The truth behind cyber attacks
The truth behind cyber attacks The truth behind cyber attacks
The truth behind cyber attacks Icomm Technologies
 
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost StuctureIcomm Technologies
 
Decision making & problem solving
Decision making & problem solvingDecision making & problem solving
Decision making & problem solvingashish1afmi
 
Problem solving& Decision Making
Problem solving& Decision MakingProblem solving& Decision Making
Problem solving& Decision MakingSahar Andrade, MBBCh Diversity, Leadership, Reinvent Yourself
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attackIcomm Technologies
 

Recomendados

Icomm agentless-architecture
Icomm agentless-architectureIcomm agentless-architecture
Icomm agentless-architectureIcomm Technologies
 
Icomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm virtualisation-support-white-paper
Icomm virtualisation-support-white-paperIcomm Technologies
 
The truth behind cyber attacks
The truth behind cyber attacks The truth behind cyber attacks
The truth behind cyber attacks Icomm Technologies
 
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture10 Key Action to Reduce IT Infrastructure and Operation Cost Stucture
10 Key Action to Reduce IT Infrastructure and Operation Cost StuctureIcomm Technologies
 
Decision making & problem solving
Decision making & problem solvingDecision making & problem solving
Decision making & problem solvingashish1afmi
 
Problem solving& Decision Making
Problem solving& Decision MakingProblem solving& Decision Making
Problem solving& Decision MakingSahar Andrade, MBBCh Diversity, Leadership, Reinvent Yourself
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attackIcomm Technologies
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster RecoveryIcomm Technologies
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster RecoveryIcomm Technologies
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveIcomm Technologies
 
The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.Icomm Technologies
 
Swivel Secure and Office 365
Swivel Secure and Office 365Swivel Secure and Office 365
Swivel Secure and Office 365Icomm Technologies
 
Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Icomm Technologies
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the CloudIcomm Technologies
 
Top 10 Trends in Telecommuting
Top 10 Trends in TelecommutingTop 10 Trends in Telecommuting
Top 10 Trends in TelecommutingIcomm Technologies
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksIcomm Technologies
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012Icomm Technologies
 
Tackling consumerization of it
Tackling consumerization of it Tackling consumerization of it
Tackling consumerization of it Icomm Technologies
 
Office 365-technical-overview-deck
Office 365-technical-overview-deckOffice 365-technical-overview-deck
Office 365-technical-overview-deckIcomm Technologies
 
Icomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm Technologies
 
Efficiently protect-virtual-machines
Efficiently protect-virtual-machinesEfficiently protect-virtual-machines
Efficiently protect-virtual-machinesIcomm Technologies
 
Cloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesCloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesIcomm Technologies
 
Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.Icomm Technologies
 
Icomm enables Aston Manor to brew success
Icomm enables Aston Manor to brew successIcomm enables Aston Manor to brew success
Icomm enables Aston Manor to brew successIcomm Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 

Más contenido relacionado

Más de Icomm Technologies

The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceIcomm Technologies
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveIcomm Technologies
 
The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.Icomm Technologies
 
Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Icomm Technologies
 
Top 10 Trends in Telecommuting
Top 10 Trends in TelecommutingTop 10 Trends in Telecommuting
Top 10 Trends in TelecommutingIcomm Technologies
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksIcomm Technologies
 
Tackling consumerization of it
Tackling consumerization of it Tackling consumerization of it
Tackling consumerization of it Icomm Technologies
 
Office 365-technical-overview-deck
Office 365-technical-overview-deckOffice 365-technical-overview-deck
Office 365-technical-overview-deckIcomm Technologies
 
Efficiently protect-virtual-machines
Efficiently protect-virtual-machinesEfficiently protect-virtual-machines
Efficiently protect-virtual-machinesIcomm Technologies
 
Cloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesCloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesIcomm Technologies
 
Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.Icomm Technologies
 
Icomm enables Aston Manor to brew success
Icomm enables Aston Manor to brew successIcomm enables Aston Manor to brew success
Icomm enables Aston Manor to brew successIcomm Technologies
 

Más de Icomm Technologies (18)

Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
 
Disaster Recovery
Disaster RecoveryDisaster Recovery
Disaster Recovery
 
The sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work forceThe sonic wall clean vpn approach for the mobile work force
The sonic wall clean vpn approach for the mobile work force
 
Mobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to SolveMobility, Security and the Enterprise: The Equation to Solve
Mobility, Security and the Enterprise: The Equation to Solve
 
The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.The only authentication platform you’ll ever need.
The only authentication platform you’ll ever need.
 
Swivel Secure and Office 365
Swivel Secure and Office 365Swivel Secure and Office 365
Swivel Secure and Office 365
 
Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365Swivel Secure, ADFS and Office 365
Swivel Secure, ADFS and Office 365
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
 
Top 10 Trends in Telecommuting
Top 10 Trends in TelecommutingTop 10 Trends in Telecommuting
Top 10 Trends in Telecommuting
 
Controlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate NetworksControlling Laptop and Smartphone Access to Corporate Networks
Controlling Laptop and Smartphone Access to Corporate Networks
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012
 
Tackling consumerization of it
Tackling consumerization of it Tackling consumerization of it
Tackling consumerization of it
 
Office 365-technical-overview-deck
Office 365-technical-overview-deckOffice 365-technical-overview-deck
Office 365-technical-overview-deck
 
Icomm cloud-backup-overview
Icomm cloud-backup-overviewIcomm cloud-backup-overview
Icomm cloud-backup-overview
 
Efficiently protect-virtual-machines
Efficiently protect-virtual-machinesEfficiently protect-virtual-machines
Efficiently protect-virtual-machines
 
Cloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devicesCloud backup-for-endpoint-devices
Cloud backup-for-endpoint-devices
 
Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.Beakbane safeguards future with ERP - ready infrastructure upgrade.
Beakbane safeguards future with ERP - ready infrastructure upgrade.
 
Icomm enables Aston Manor to brew success
Icomm enables Aston Manor to brew successIcomm enables Aston Manor to brew success
Icomm enables Aston Manor to brew success
 

Último

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 

Último (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Internet gateway security: A state of the nation 2014 [whitepaper]

  • 1. Internet Gateway Security: A state of the nation 2014 Executive Summary With cyber attack methods growing increasingly sophisticated many traditional internet gateway solutions are no longer t for purpose. This whitepaper reveals just how many organisations are leaving themselves vulnerable to cyber criminality by keeping hold of their legacy rewall. We also examine how modern gateway security is providing an appropriate defence to these more complex threats and discuss what organisations should consider when refreshing this technology. [4283/FIREWALLWP/20140814/LH] 0121 248 7931 www.icomm.co.uk Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. White Paper
  • 2. Internet Gateway Security: A state of the nation 2014 White Paper of SMBs lack knowledge of firewall refresh cycles Approximately 782,240 UK businesses are at risk with old or untested firewall technology 2 Introduction Barely a week goes by without the media reporting a new cyber threat which is capable of causing havoc. There are constant warnings of various forms of sophisticated malware which have already infected thousands of computers across the UK. GameOver Zeus, Cryptolocker and Shylock are just a few to hit the headlines this year. Once networks are infected, these types of malware can give cybercriminals the ability to steal corporate, personal or nancial details, encrypt les and hold them for ransom or extort money from companies through denial of service (DoS) attacks. The exact nature of the threats detailed in these media reports may change but the accompanying quote from a relevant security expert is always the same, ‘in order to protect yourself, keep your security defences up to date’. The three core pillars of those defences include end point protection, gateway defence and software patch updates. Companies may be updating their client anti-virus and are regularly patching software, but the Icomm Technologies Survey 2014 has revealed too many organisations are failing to address the nal pillar by not upgrading their rewalls as part of their internet gateway security. In recent years cybercriminals have evolved their tactics in order to evade detection by traditional rewall defences. Yet in many cases, the companies they target have not all kept pace with this and some are still relying on legacy solutions which are no longer t for purpose. These organisations now need a next generation rewall which has the capability to go deeper and inspect all tra c, regardless of the port and protocol. A modern rewall solution can inspect even encrypted tra c and detect those threats. Next generation rewalls are now also protecting businesses against the potential security impact of modern technology trends, such as the consumerisation of IT and cloud computing. These solutions can also provide granular control over website and application usage, to ensure bandwidth is always available for the most critical business functions. ? Many organisations are not upgrading their firewalls one sixth of companies have never tested their firewall Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
  • 3. Internet Gateway Security: A state of the nation 2014 White Paper A firewall older than 3 years is not fit for purpose BUSINESSES small 3 Next generation fi rewall: an imperative It is a disturbing fact that the methods deployed by cyber criminality will continue to become more sophisticated. As a result, no one is 100% safe from attack. Even the biggest technology rms such as Microsoft, Apple and Facebook - who you would think could adequately defend themselves - have admitted to breaches. From a nancial and reputational perspective, the consequences of these attacks can be huge. In one of the largest global incidents to date, US retail giant Target saw the personal and nancial details of up to 110 million customers compromised. It is not just large companies being targeted, however. Research, by security rm Symantec, has shown that 30% of all global cyber attacks are actually aimed at small businesses - where defences are perceived to be weaker. Smaller targets may be less lucrative to cybercriminals but it requires less e ort to attack several soft targets than one which is large and well protected. The security solution The persistence of the threat, coupled with the increased complexity of these attacks, has meant modern rewalls are now required to do much more than simply check where tra c is coming from and going to. Cybercriminals have now found ways to con and trick their way around these traditional defences. “What is needed is deep packet inspection and that is what a next generation rewall provides - it digs further down to check for a virus or an intrusion,” said Mark Lomas, IT consultant at Icomm Technologies. “If you have not refreshed your rewall within the last three years the chances are that you are using a legacy rewall which is no longer t for purpose.” In response to these evolving threats, security rms have rolled out rewalls in the last few years which o er a more advanced defence. As cybercriminals are now capable of smuggling malware passed traditional rewalls by burying it within encrypted tra c, these solutions now provide SSL decryption and inspection. “Today, up to 35% of enterprise tra c is secured using the Secure Sockets Layer (SSL) protocol. Cybercriminals know this, and they have begun to use SSL to hide their attacks. Organisations which are still relying on legacy rewalls with no or limited SSL Inspection capabilities can be compromised,” said Florian Malecki, International Product Marketing Director at Dell Security. No one is 100% safe from attack. 30% of all global cyber attacks are aimed at Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
  • 4. Internet Gateway Security: A state of the nation 2014 4 Case Study One potential consequence of sticking with your legacy fi rewall Icomm Technologies was privy to a damaging cyber attack on a small business, which had been taking an ‘if it’s not broke, don’t x it’ approach to rewalls. With a legacy solution in place, which was incapable of deep packet inspection, the company’s defences proved ine ectual against the attack. The company later approached Icomm for help. The business found itself at the mercy of an aggressive hacker who encrypted vital les and promised to expose sensitive information to the company’s entire email contact book unless £500 was paid into a speci ed bank account. A word le left on the business owner’s computer read, ‘You have been hacked’. Inside a menacing message threatened: “I do not require to do much more work on my part to ruin you.” The hacker, who was clearly well practised in this form of extortion, cheekily demanded that the business quote a reference number when making their payment. This situation could have been avoided if the business had upgraded to a next generation rewall beforehand. have no plans to, or claim they will never, update their firewall 29% White Paper Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
  • 5. Internet Gateway Security: A state of the nation 2014 White Paper 5 Too many still at risk As more high pro le cyber attack incidents have hit the headlines, there has been a dawning realisation within organisations that they really need to take cyber security seriously. The Icomm Technologies Internet Gateway Security Survey, which was conducted with more than 500 IT executives within small and medium sized businesses (SMBs) in the UK, revealed that most have taken action by refreshing their rewall. The study showed that 61% rms have upgraded their rewall protection within the last 30 months - 41% have done so within the last 18 months. However, the results also reveal that many organisations are still relying on traditional solutions. The survey found 14% of organisations have not, or are unsure whether they have, upgraded their rewall since 2009. This means one in every seven SMBs in the UK is likely to have inadequate protection against the attack methods currently being deployed by cyber criminals. Testing It is one thing to deploy a next generation rewall but it is another checking the solution is actually doing its job. It is recommended that companies check their rewall with penetration testing at least once a year on average. For companies storing sensitive information, such as their customer’s personal or nancial details, this might take place quarterly. “A lot of people seem to think because they have a rewall they are fully protected when they might not have the right policies in place. Penetration testing is important to ensure everything is working as it should,” said Malecki. “As Verizon’s recent Data Breach survey has shown, when a business is compromised it can be a long time before that is discovered and quite often it is the third parties doing these penetration tests that are the ones who are nding these breaches.” The Icomm survey found that more than three quarters (77%) of SMBs do carry out a penetration test at least once a year - almost half (48%) test twice a year or even more frequently. However, the study found that a worrying 16% have never tested their firewall. This means that nearly one in every six SMBs in the UK has no way of knowing whether their rewall is working or not. one in six SMBs have never tested their firewall one in seven SMBs have inadequate protection penetration tests should happen at least once a year Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
  • 6. Internet Gateway Security: A state of the nation 2014 White Paper 6 The refresh cycle Like any element of the IT infrastructure, the rewall protecting an organisation’s network should be refreshed periodically. Companies are advised to upgrade their rewall every three to ve years on average - as they would their servers. This refresh is not just to ensure the solution in place is o ering an adequate defence against evolving threats, it is also about protecting performance. If a company is growing, the organisation needs a rewall that can handle increased tra c and prevent bottlenecks. The Icomm survey revealed the majority of rms acknowledge the need for this refresh and have plans to carry this out within the next ve years. The research did reveal, however, that nearly a third (29%) say they have no plans to, or will never, upgrade their rewall. When asked how often they believed they should refresh their rewall, a quarter (25%) of respondents replied ‘at the end of its life’. Lomas said: “It would be interesting to know when someone thinks their rewall is broken, as it’s not a case of checking whether the lights are on. “If you have a traditional rewall it will not be protecting you in the same way it was when you bought it - so in my eyes it is already broken.” Many refresh their firewall every five years think a firewall doesn’t need refreshing Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
  • 7. Internet Gateway Security: A state of the nation 2014 White Paper 7 What to consider when upgrading your Firewall It is not unusual for businesses to acquire their rewall solution as an add-on, when buying another solution. This ‘one stop shop’ approach when procuring one of the key pillars in an organisation’s security defences is questionable. The level of integration a rewall needs with other elements of the IT infrastructure is limited. Therefore, the purchasing decision should be independent to any other form of procurement. Organisations are free to deploy a best of breed solution which o ers the deep packet inspection, with decryption and anti-evasion technology, mentioned above. Lomas said: “We would always advocate a consultancy led approach to rewalls as some vendors do o er a greater depth of solution than others. For some, security is their main focus but there are others which are just lling out their portfolios.” Protecting productivity Organisations should also consider technology trends, such as the consumerisation of IT and cloud computing, which can impact on internet bandwidth. Next generation rewalls are capable of protecting an organisation’s bandwidth performance by providing a granular level of control. This allows organisations to manage behaviour on certain websites or applications and specify which teams or individuals are given access. For example, the marketing department may be given permission to promote the business on consumer websites such as Facebook and YouTube but at the same time a next generation rewall can curtail any excessive video streaming or gaming on these platforms. At times when there is excessive demand placed on the internet, a next generation rewall can also take action to protect vital cloud applications and reduce the bandwidth available to non-essential functions. Malecki explains: “If an England football game is on, some companies will be happy to let their sta stream this but if this a ected bandwidth it could prevent access to essential applications such as Salesforce.com or another CRM system. A next generation rewall will, however, allow you to reserve a percentage of the bandwidth for critical applications to ensure the business remains productive at these times.” have no plans to upgrade at all Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 0121 248 7931 www.icomm.co.uk
  • 8. Internet Gateway Security: A state of the nation 2014 Conclusion Firewall manufacturers have been forced into taking some great strides forward in recent years, in response to the nefarious activities of cybercriminals. But with approximately one in seven SMBs still likely to be deploying traditional solutions, it is clear many organisations are still leaving themselves vulnerable to attack. Furthermore, as IT consumerisation and cloud computing threaten to impact on crucial functionality, businesses could well be losing competitive advantage by not deploying next generation solutions which protect productivity. With cyber attacks and internet usage both destined to grow rapidly in the coming years, the third of businesses who have no plans to upgrade their rewall will also need to rethink their approach. Otherwise their performance will su er, or worse still they could leave themselves at the mercy of increasingly sophisticated cybercriminals. For further information and support on refreshing, testing and upgrading your fi rewall, please get in touch with Icomm Technologies on 0121 248 7931 or at www.icomm.co.uk White Paper 0121 248 7931 www.icomm.co.uk Icomm Technologies Limited 45-55 Camden Street, Birmingham, B1 3BP. 8