SlideShare una empresa de Scribd logo

Five Network Security Threats and Layers of Protection

ReadWrite
ReadWrite

The document discusses 5 of the most costly network security threats faced by enterprises: 1) botnets, 2) phishing, 3) malware, 4) distributed denial of service (DDoS) attacks, and 5) increasingly sophisticated attacks. It recommends implementing key layers of control through network perimeter protections, cloud-based security services, mobile device security, and endpoint compliance to effectively prevent and mitigate these threats. Outsourcing security functions to a managed security services provider can help organizations do more with less by avoiding in-house technology and staffing costs.

1 de 4
Descargar para leer sin conexión
Five NetwoRk SeCuRity thReAtS ANd how to PRoteCt youR BuSiNeSS A layered approach to security may be your best defense ExEcutivE OvErviEw — cOntrOl layErs tO dO mOrE with lEss Threats abound in today’s corporate networks. There’s no getting around it. Keeping your enterprise and its data and corporate assets Security budgets are continuing secure necessitates a proactive security posture. Being proactive to feel the strain of the current involves understanding the assets that require risk mitigation and the economy. Unfortunately, proper controls to support your risk management strategy. This paper network and system threats uncovers the five most costly network security threats that enterprises won’t take a break, even in a battle today and how you can protect your business by implementing down market. key layers of control and taking advantage of managed security services to do more with less. EcOnOmic gain frOm thrEats — businEss thrEat is grOwing The increasing virulence of attacks over the past 20 years is considerable. Along with the global, connective nature of the Internet, threats have evolved from one-off incidents caused by fame-seeking hackers to organized attacks by malicious parties seeing profit. And as the reliance on IT infrastructure grows, the attack surface increases; there are more opportunities than ever. The trend is evident in the rise of “botconomics” — the joining of botnets to compromise a network in an effort to make money. Compromised digital assets have been monetized and, without proper security controls, are up for grabs. The economic force driving the underground value chain for stolen data is immense and has evolved to comprise black markets for selling stolen data, mules to carry out purchase transactions using the stolen data, auction market places to resell the goods, and currency transaction services to transfer the ill-gotten funds. Network attacks against major online brands such as Yahoo®, Google™ and Twitter™ have brought the issue to the media mainstream. Business communications and employee work behavior have evolved to increase the flexibility of where we work, how we access data, and applications we use to communicate. This flexibility has brought about consequences as it introduces new attack vectors to a company’s environment. More employees are using devices other than their work PCs to access data and are adopting communication applications that foster collaboration and social networks (i.e. wikis, IM, Blogs, Facebook®, Twitter). Without the confinement of applications, systems and communications within the corporate network of yesterday, the environment is now more mobile and diverse, and this has a huge impact on how we interact with data. Our workforces on the road or at home can access information from devices other than their PCs. Communication has expanded beyond email and instant messaging to other forms such as micro blogging, now used in the corporate environment. The question is, given this environment, how can you control the spread, or leakage, of data? Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 1 All marks are the property of the respective company. September 2009. WP101112 1/10
Although companies must operate according to certain governmental or industry requirements, and demonstrate to auditors that they are in compliance with those requirements on an ongoing basis, there’s always human error. People can unintentionally leak data through email or web sites. Technologies such as link prevention can help to control security mishaps, but they’re not fool proof. Fortunately, you can take steps to prevent threats, but you must first understand where the threats lie. The cost of security is high, including expenses for systems and tools, people and resources to configure and monitor security systems, and the time and material to develop the appropriate processes to ensure everyone adheres to policies. Before allocating your security budget, make sure you’re putting your dollars where they will be most effective. A solid understanding of the most damaging threats will help you make informed decisions about your security infrastructure. thE fivE mOst cOstly nEtwOrk sEcurity thrEats Network threats are numerous, but some are more deadly than others. Here are five of the most costly threats: 1. botnets. In the past, “botnets” were created for fun, and to satisfy the curiosity and egos of rogue hackers. These individuals would manually compromise systems and move on, without leaving too much damage. Today, botnets are virtual chop shops—sophisticated and monetized, they can be used for serious cybercrime. In fact, botnets are the primary vehicle for cyber criminals. They can be used to steal identities from hundreds of people on the other side of the world with a single attack. Today’s botnets are also more resilient. They’re built on tiered infrastructure and the technology they use has evolved to HTTP and peer-to-peer channels with encryption. Consequently, they’re hard to take down. They can also be managed remotely, so there’s a slim chance of finding the culprit. To combat the botnet threat, companies need security expertise. It’s worth the money, because the impact of a sophisticated botnet attack to an organization can be huge, resulting in a tarnished reputation, hefty fines and even lawsuits. And not only large companies need to worry; smaller companies are also at risk. 2. Phishing. The practice of “phishing,” or masquerading as a trustworthy entity to get credentials from someone over the Internet, is becoming more and more sophisticated and easy to do. There is a rise of kits on the open market that cost as little as $49. They enable anyone to copy legitimate sites and set them up for malicious purposes. Phishing is second only to spam for compromising systems on the Internet today, and many are hosted on botnets. Through phishing sites, hackers can harvest credentials of individuals and index them based on many dimensions. The impact is costly, resulting in fraud, stolen identities and compromised data. 3. malware. There’s been an explosion of malware in the last few years. According to a study from the University of Michigan & Arbor Networks Inc. called the Internet Malware Classification and Analysis (2007), 75,000 to 250,000 new families or variants of malware were released in 2006, and that number ballooned to 60,0000 to 80,000 per month in 2008. It’s estimated that there’s a new variant released every 30 seconds. Although antivirus software coupled with intrusion detection solutions is the front line of defense, it fails to detect malware 20–62% of the time. 4. distributed denial of service attacks. Distributed denial of service (DDoS) attacks are growing in number and in size. DDoS attack size continues to outpace the size of average dedicated Internet access circuits. According to a 2008 worldwide infrastructure security report by Arbor Networks, 57% of ISPs have reported attacks larger than 1 Gbps. Attacks of this size can cause prolonged outages of prominent Internet facing services, such as online bill pay and VoIP. 5. attack sophistication. Because many companies have put in infrastructure to mitigate simple attacks, the attacks are evolving and becoming more sophisticated, and they’re overwhelming network transactions on the back end instead of on the Internet facing side. DNS-based abuses like PRNG name generation, DDoS vectors and rouge DNS servers are common. Another attack vector is the router. Wormable attacks like Conficker can compromise as many as 2 million systems or more. Attacks of this magnitude are difficult for companies to prevent on their own with internal resources, and many are turning to cloud providers who can dedicate the resources to a more sophisticated security system. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 2 All marks are the property of the respective company. September 2009. WP101112 1/10
mitigating thrEats: thE kEy layErs Of cOntrOl tO bE mOrE PrOductivE There are some key layers of protection that should be implemented to provide effective threat prevention and mitigation. For example, service providers can deliver security services to prevent the effects of phishing on enterprises by screening traffic before it enters the enterprise network. This capability enables users to be more productive, as well, because it lowers the infection risk and rate, and removes the burden of deleting spam and filtering out bad email. To fight malware, organizations need a combination of anomaly detection, customer premise equipment and ISP in-cloud security systems. When implemented only at the network’s perimeter, Intrusion Dectection or Preventions Service (IDS/ IPS) devices will drop unauthorized packets but cannot prevent a DDoS attack, because the number of packets would cause disruption to the Internet link. If you mitigate DDoS attacks in the cloud, the packets are dropped in the cloud, so only filtered traffic would travel to the corporate network. Using cloud services mitigates security issues away from the network to preserve people and resources, is often transparent to users and requires no additional hardware or software to be installed on the premise. Another security challenge involves the increasingly mobile workforce. Most companies have security at the perimeter because, historically, most system attacks occur there. However, as more employees work remotely, there’s a need to expand security to the laptop and other mobile devices and enforce endpoint compliance. One interesting technology available is endpoint compliance software offered by companies like Symantec, Checkpoint and Fiberlink. This technology allows you to enforce that end users use firewall and antivirus software any time they access the network remotely. Endpoint compliance software enables you to ensure all endpoints are compliance with corporate security policies by pushing out the latest patches and updates. In this way, you can be certain remote access points are not vulnerable to the latest exploits. There are a multitude of technologies are available for each layer of the network. It’s important to layer on all of these technologies for complete protection against all possible threats: • System level: Encryption and Human Interface Devices (HIDs). • Network perimeter: Firewalls, malware filters, IDS/IPS systems, content filtering, data leak prevention, spam filters and vulnerability assessments. • Cloud: DDoS mitigation, firewalls, malware filter, spam filters and vulnerability assessments. • Mobile devices: Firewalls, malware filter, anti-sypware, disk encryption, data leak prevention, and endpoint compliance. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 3 All marks are the property of the respective company. September 2009. WP101112 1/10
dO mOrE with lEss — wOrk with a PrOvidEr tO incrEasE succEss Security budgets are continuing to feel the strain of the current economy. Unfortunately, network and system threats won’t take a break, even in a down market. The financial consequences of a breach will be even more devastating, so it’s important to invest wisely when planning your network security strategy. Evaluate the attack service in your network and determine what areas are critical to your business. As you anticipate your company’s future security needs, you may decide to partner with a service provider who can offer expertise and resources that you don’t have in-house. The benefits include predictable costs and solutions that have been designed, implemented and vetted in production environments. Working with a provider, you can avoid technology obsolescence and offload the heavy lifting while redirecting your own resources to revenue-generating efforts. Whether you take on the task of securing your network alone, or consult a partner, don’t ignore the threat, and take a layered approach to protect your network from every angle. CoNNeCt. SimPliFy. eNhANCe. ® with Qwest Business Solutions® Qwest is focused on helping you work smarter, with services that leverage the latest technology and award-winning support. Here are a few solutions that can address the issues covered in this solutions brief: managEd sEcurity sErvicEs With Managed Security Services, Qwest can administer and monitor your network on your behalf while you concentrate on other mission-critical elements of your business. Let Qwest allow you to focus on what’s important—your business. And, save you time and money through the use of our expert tools, skills, and processes to improve system uptime and performance, optimize security investments, improve employee productivity, and demonstrate compliance. Tools such as Qwest Anti-Virus/ Anti-Spam, Qwest Web Defense, and Qwest Managed Firewall create layers of protection to help reduce the costs and complexity associated with managing security while preventing the impact of security threats. why QwEst Qwest delivers reliable, scalable data and voice networking solutions, across one of the U.S. largest fiber footprints. Qwest serves businesses of all sizes, ranging from small business to 95 percent of Fortune 500 companies, with industry- leading SLAs and world-class customer service. lEarn mOrE For more information about Qwest voice and data services for large businesses, visit www.qwest.com/business or call (877) 816-8553 to speak to a Qwest representative. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 4 All marks are the property of the respective company. September 2009. WP101112 1/10

Recomendados

Wireless network security threats countermeasure
Wireless network security threats countermeasureWireless network security threats countermeasure
Wireless network security threats countermeasureEdie II
 
Rashed al kamdah network security threats
Rashed al kamdah network security threatsRashed al kamdah network security threats
Rashed al kamdah network security threatsrashidalkamdah
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Network Security
Network SecurityNetwork Security
Network Securityforpalmigho
 
5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses Today5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses TodayVelocity Network Solutions
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentationKudzai Rerayi
 
What is Network Security?
What is Network Security?What is Network Security?
What is Network Security?Faith Zeller
 
Network security - Basic concepts
Network security - Basic conceptsNetwork security - Basic concepts
Network security - Basic conceptsKhoa Nguyen
 

Recomendados

Wireless network security threats countermeasure
Wireless network security threats countermeasureWireless network security threats countermeasure
Wireless network security threats countermeasureEdie II
 
Rashed al kamdah network security threats
Rashed al kamdah network security threatsRashed al kamdah network security threats
Rashed al kamdah network security threatsrashidalkamdah
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Network Security
Network SecurityNetwork Security
Network Securityforpalmigho
 
5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses Today5 Network Security Threats Facing Businesses Today
5 Network Security Threats Facing Businesses TodayVelocity Network Solutions
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentationKudzai Rerayi
 
What is Network Security?
What is Network Security?What is Network Security?
What is Network Security?Faith Zeller
 
Network security - Basic concepts
Network security - Basic conceptsNetwork security - Basic concepts
Network security - Basic conceptsKhoa Nguyen
 
Marwan alsuwaidi
Marwan alsuwaidiMarwan alsuwaidi
Marwan alsuwaidimarwanmohammed_
 
Network security threats and solutions
Network security threats and solutionsNetwork security threats and solutions
Network security threats and solutionshassanmughal4u
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSavvius, Inc
 
091005 Internet Security
091005 Internet Security091005 Internet Security
091005 Internet Securitydkp205
 
Network Threats
Network ThreatsNetwork Threats
Network ThreatsDan Oblak
 
Security threats
Security threatsSecurity threats
Security threatsQamar Farooq
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security conceptssonuagain
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measuresDnyaneshwar Beedkar
 
Network security desighn principles and authentication
Network security desighn principles and authenticationNetwork security desighn principles and authentication
Network security desighn principles and authenticationEdgar Mwangangi
 
Threats to a computer
Threats to a computer Threats to a computer
Threats to a computer FCA - Future Chartered Accountants
 
3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security riskshazirma
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESShyam Kumar Singh
 
Computer Security
Computer SecurityComputer Security
Computer SecurityWilliam Mann
 
Computer security
Computer securityComputer security
Computer securityfiza1975
 
NSA and PT
NSA and PTNSA and PT
NSA and PTRahmat Suhatman
 
New internet security
New internet securityNew internet security
New internet securityuniversity of mumbai
 
Ch14 Desktop Protection
Ch14 Desktop ProtectionCh14 Desktop Protection
Ch14 Desktop Protectionphanleson
 
Cyber Security Terms
Cyber Security TermsCyber Security Terms
Cyber Security TermsSuryaprakash Nehra
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer SecurityDamian T. Gordon
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Webdpd
 
Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importancemanoharparakh
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrimethinkwithniche
 

Más contenido relacionado

La actualidad más candente

Network security threats and solutions
Network security threats and solutionsNetwork security threats and solutions
Network security threats and solutionshassanmughal4u
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSavvius, Inc
 
091005 Internet Security
091005 Internet Security091005 Internet Security
091005 Internet Securitydkp205
 
Network Threats
Network ThreatsNetwork Threats
Network ThreatsDan Oblak
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security conceptssonuagain
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measuresDnyaneshwar Beedkar
 
Network security desighn principles and authentication
Network security desighn principles and authenticationNetwork security desighn principles and authentication
Network security desighn principles and authenticationEdgar Mwangangi
 
3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security riskshazirma
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESShyam Kumar Singh
 
Computer security
Computer securityComputer security
Computer securityfiza1975
 
Ch14 Desktop Protection
Ch14 Desktop ProtectionCh14 Desktop Protection
Ch14 Desktop Protectionphanleson
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer SecurityDamian T. Gordon
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Webdpd
 

La actualidad más candente (20)

Marwan alsuwaidi
Marwan alsuwaidiMarwan alsuwaidi
Marwan alsuwaidi
 
Network security threats and solutions
Network security threats and solutionsNetwork security threats and solutions
Network security threats and solutions
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
 
091005 Internet Security
091005 Internet Security091005 Internet Security
091005 Internet Security
 
Network Threats
Network ThreatsNetwork Threats
Network Threats
 
Security threats
Security threatsSecurity threats
Security threats
 
Network and security concepts
Network and security conceptsNetwork and security concepts
Network and security concepts
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
 
Network security desighn principles and authentication
Network security desighn principles and authenticationNetwork security desighn principles and authentication
Network security desighn principles and authentication
 
Threats to a computer
Threats to a computer Threats to a computer
Threats to a computer
 
3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security risks
 
SECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURESSECURITY THREATS AND SAFETY MEASURES
SECURITY THREATS AND SAFETY MEASURES
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Computer security
Computer securityComputer security
Computer security
 
NSA and PT
NSA and PTNSA and PT
NSA and PT
 
New internet security
New internet securityNew internet security
New internet security
 
Ch14 Desktop Protection
Ch14 Desktop ProtectionCh14 Desktop Protection
Ch14 Desktop Protection
 
Cyber Security Terms
Cyber Security TermsCyber Security Terms
Cyber Security Terms
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer Security
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
 

Similar a Five Network Security Threats and Layers of Protection

Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importancemanoharparakh
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrimethinkwithniche
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationKen Flott
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firmsJake Weaver
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyMark Albala
 
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docxThe uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docxarnoldmeredith47041
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)ijccsa
 
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...ijccsa
 
Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023K7 Computing Pvt Ltd
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCybAnastaciaShadelb
 
What is Importance of Cyber Security
What is Importance of Cyber Security What is Importance of Cyber Security
What is Importance of Cyber Security Wee Tang
 
Top 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber securityTop 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber securityHeritageCyberworld
 
CC_Futureinc_Cyber Security
CC_Futureinc_Cyber SecurityCC_Futureinc_Cyber Security
CC_Futureinc_Cyber SecurityAlistair Blake
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBsGFI Software
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 

Similar a Five Network Security Threats and Layers of Protection (20)

Cybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & ImportanceCybersecurity in BFSI - Top Threats & Importance
Cybersecurity in BFSI - Top Threats & Importance
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrime
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 
Managed security services for financial services firms
Managed security services for financial services firmsManaged security services for financial services firms
Managed security services for financial services firms
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
 
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docxThe uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
The uniqueness of the text61.5SHOW ALL MATCHESPage addre.docx
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
 
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)International Journal on Cloud Computing: Services and Architecture (IJCCSA)
International Journal on Cloud Computing: Services and Architecture (IJCCSA)
 
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
A Multi-Layer Real Time Remote Monitoring & Corporate Network System For Viru...
 
Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023Top Security Threats to Look Out for in 2023
Top Security Threats to Look Out for in 2023
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
What is Importance of Cyber Security
What is Importance of Cyber Security What is Importance of Cyber Security
What is Importance of Cyber Security
 
Ijnsa050215
Ijnsa050215Ijnsa050215
Ijnsa050215
 
Top 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber securityTop 10 Cyber security Threats | Cyber security
Top 10 Cyber security Threats | Cyber security
 
CC_Futureinc_Cyber Security
CC_Futureinc_Cyber SecurityCC_Futureinc_Cyber Security
CC_Futureinc_Cyber Security
 
Security Threats for SMBs
Security Threats for SMBsSecurity Threats for SMBs
Security Threats for SMBs
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security Report
 

Más de ReadWrite

Networks, Networks Everywhere, And Not A Packet To Drink
Networks, Networks Everywhere, And Not A Packet To DrinkNetworks, Networks Everywhere, And Not A Packet To Drink
Networks, Networks Everywhere, And Not A Packet To DrinkReadWrite
 
IoT Standards: The Next Generation
IoT Standards: The Next GenerationIoT Standards: The Next Generation
IoT Standards: The Next GenerationReadWrite
 
Designing For Smarties
Designing For SmartiesDesigning For Smarties
Designing For SmartiesReadWrite
 
Dude, Where's My Product?
Dude, Where's My Product?Dude, Where's My Product?
Dude, Where's My Product?ReadWrite
 
Senator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis KalanickSenator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis KalanickReadWrite
 
Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?ReadWrite
 
Our Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIsOur Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIsReadWrite
 
White paper why they chose integrated hr outsourcing- a look at three small ...
White paper why they chose integrated hr outsourcing- a look at three small ...White paper why they chose integrated hr outsourcing- a look at three small ...
White paper why they chose integrated hr outsourcing- a look at three small ...ReadWrite
 
White paper what is a peo-
White paper what is a peo-White paper what is a peo-
White paper what is a peo-ReadWrite
 
White paper options for handling your hr function[1]
White paper options for handling your hr function[1]White paper options for handling your hr function[1]
White paper options for handling your hr function[1]ReadWrite
 
Tri net wp_buildsuccess
Tri net wp_buildsuccessTri net wp_buildsuccess
Tri net wp_buildsuccessReadWrite
 
Tri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_planTri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_planReadWrite
 
Tri net eguide_hiring_2012
Tri net eguide_hiring_2012Tri net eguide_hiring_2012
Tri net eguide_hiring_2012ReadWrite
 
White paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessWhite paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessReadWrite
 
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...ReadWrite
 
The Real-Time Web and its Future
The Real-Time Web and its FutureThe Real-Time Web and its Future
The Real-Time Web and its FutureReadWrite
 
Guide to Online Community Management
Guide to Online Community ManagementGuide to Online Community Management
Guide to Online Community ManagementReadWrite
 
V mware white paper virtualizing business-critical applications with confidence
V mware white paper virtualizing business-critical applications with confidenceV mware white paper virtualizing business-critical applications with confidence
V mware white paper virtualizing business-critical applications with confidenceReadWrite
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mwareReadWrite
 

Más de ReadWrite (20)

Networks, Networks Everywhere, And Not A Packet To Drink
Networks, Networks Everywhere, And Not A Packet To DrinkNetworks, Networks Everywhere, And Not A Packet To Drink
Networks, Networks Everywhere, And Not A Packet To Drink
 
IoT Standards: The Next Generation
IoT Standards: The Next GenerationIoT Standards: The Next Generation
IoT Standards: The Next Generation
 
Designing For Smarties
Designing For SmartiesDesigning For Smarties
Designing For Smarties
 
Dude, Where's My Product?
Dude, Where's My Product?Dude, Where's My Product?
Dude, Where's My Product?
 
Senator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis KalanickSenator Al Franken's Letter To Uber CEO Travis Kalanick
Senator Al Franken's Letter To Uber CEO Travis Kalanick
 
Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?Where In The World Is The Fastest Broadband?
Where In The World Is The Fastest Broadband?
 
Our Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIsOur Bodies, Disconnected: The Future Of Fitness APIs
Our Bodies, Disconnected: The Future Of Fitness APIs
 
White paper why they chose integrated hr outsourcing- a look at three small ...
White paper why they chose integrated hr outsourcing- a look at three small ...White paper why they chose integrated hr outsourcing- a look at three small ...
White paper why they chose integrated hr outsourcing- a look at three small ...
 
White paper what is a peo-
White paper what is a peo-White paper what is a peo-
White paper what is a peo-
 
White paper options for handling your hr function[1]
White paper options for handling your hr function[1]White paper options for handling your hr function[1]
White paper options for handling your hr function[1]
 
Tri net wp_buildsuccess
Tri net wp_buildsuccessTri net wp_buildsuccess
Tri net wp_buildsuccess
 
Tri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_planTri net wp_10_principles_hc_plan
Tri net wp_10_principles_hc_plan
 
Tri net eguide_hiring_2012
Tri net eguide_hiring_2012Tri net eguide_hiring_2012
Tri net eguide_hiring_2012
 
Peo study
Peo studyPeo study
Peo study
 
White paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small businessWhite paper top 5 hr compliance concerns for small business
White paper top 5 hr compliance concerns for small business
 
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
Augmented Reality for Marketers and Developers: Analysis of the Leaders, the ...
 
The Real-Time Web and its Future
The Real-Time Web and its FutureThe Real-Time Web and its Future
The Real-Time Web and its Future
 
Guide to Online Community Management
Guide to Online Community ManagementGuide to Online Community Management
Guide to Online Community Management
 
V mware white paper virtualizing business-critical applications with confidence
V mware white paper virtualizing business-critical applications with confidenceV mware white paper virtualizing business-critical applications with confidence
V mware white paper virtualizing business-critical applications with confidence
 
Security for v mware
Security for v mwareSecurity for v mware
Security for v mware
 

Five Network Security Threats and Layers of Protection

  • 1. Five NetwoRk SeCuRity thReAtS ANd how to PRoteCt youR BuSiNeSS A layered approach to security may be your best defense ExEcutivE OvErviEw — cOntrOl layErs tO dO mOrE with lEss Threats abound in today’s corporate networks. There’s no getting around it. Keeping your enterprise and its data and corporate assets Security budgets are continuing secure necessitates a proactive security posture. Being proactive to feel the strain of the current involves understanding the assets that require risk mitigation and the economy. Unfortunately, proper controls to support your risk management strategy. This paper network and system threats uncovers the five most costly network security threats that enterprises won’t take a break, even in a battle today and how you can protect your business by implementing down market. key layers of control and taking advantage of managed security services to do more with less. EcOnOmic gain frOm thrEats — businEss thrEat is grOwing The increasing virulence of attacks over the past 20 years is considerable. Along with the global, connective nature of the Internet, threats have evolved from one-off incidents caused by fame-seeking hackers to organized attacks by malicious parties seeing profit. And as the reliance on IT infrastructure grows, the attack surface increases; there are more opportunities than ever. The trend is evident in the rise of “botconomics” — the joining of botnets to compromise a network in an effort to make money. Compromised digital assets have been monetized and, without proper security controls, are up for grabs. The economic force driving the underground value chain for stolen data is immense and has evolved to comprise black markets for selling stolen data, mules to carry out purchase transactions using the stolen data, auction market places to resell the goods, and currency transaction services to transfer the ill-gotten funds. Network attacks against major online brands such as Yahoo®, Google™ and Twitter™ have brought the issue to the media mainstream. Business communications and employee work behavior have evolved to increase the flexibility of where we work, how we access data, and applications we use to communicate. This flexibility has brought about consequences as it introduces new attack vectors to a company’s environment. More employees are using devices other than their work PCs to access data and are adopting communication applications that foster collaboration and social networks (i.e. wikis, IM, Blogs, Facebook®, Twitter). Without the confinement of applications, systems and communications within the corporate network of yesterday, the environment is now more mobile and diverse, and this has a huge impact on how we interact with data. Our workforces on the road or at home can access information from devices other than their PCs. Communication has expanded beyond email and instant messaging to other forms such as micro blogging, now used in the corporate environment. The question is, given this environment, how can you control the spread, or leakage, of data? Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 1 All marks are the property of the respective company. September 2009. WP101112 1/10
  • 2. Although companies must operate according to certain governmental or industry requirements, and demonstrate to auditors that they are in compliance with those requirements on an ongoing basis, there’s always human error. People can unintentionally leak data through email or web sites. Technologies such as link prevention can help to control security mishaps, but they’re not fool proof. Fortunately, you can take steps to prevent threats, but you must first understand where the threats lie. The cost of security is high, including expenses for systems and tools, people and resources to configure and monitor security systems, and the time and material to develop the appropriate processes to ensure everyone adheres to policies. Before allocating your security budget, make sure you’re putting your dollars where they will be most effective. A solid understanding of the most damaging threats will help you make informed decisions about your security infrastructure. thE fivE mOst cOstly nEtwOrk sEcurity thrEats Network threats are numerous, but some are more deadly than others. Here are five of the most costly threats: 1. botnets. In the past, “botnets” were created for fun, and to satisfy the curiosity and egos of rogue hackers. These individuals would manually compromise systems and move on, without leaving too much damage. Today, botnets are virtual chop shops—sophisticated and monetized, they can be used for serious cybercrime. In fact, botnets are the primary vehicle for cyber criminals. They can be used to steal identities from hundreds of people on the other side of the world with a single attack. Today’s botnets are also more resilient. They’re built on tiered infrastructure and the technology they use has evolved to HTTP and peer-to-peer channels with encryption. Consequently, they’re hard to take down. They can also be managed remotely, so there’s a slim chance of finding the culprit. To combat the botnet threat, companies need security expertise. It’s worth the money, because the impact of a sophisticated botnet attack to an organization can be huge, resulting in a tarnished reputation, hefty fines and even lawsuits. And not only large companies need to worry; smaller companies are also at risk. 2. Phishing. The practice of “phishing,” or masquerading as a trustworthy entity to get credentials from someone over the Internet, is becoming more and more sophisticated and easy to do. There is a rise of kits on the open market that cost as little as $49. They enable anyone to copy legitimate sites and set them up for malicious purposes. Phishing is second only to spam for compromising systems on the Internet today, and many are hosted on botnets. Through phishing sites, hackers can harvest credentials of individuals and index them based on many dimensions. The impact is costly, resulting in fraud, stolen identities and compromised data. 3. malware. There’s been an explosion of malware in the last few years. According to a study from the University of Michigan & Arbor Networks Inc. called the Internet Malware Classification and Analysis (2007), 75,000 to 250,000 new families or variants of malware were released in 2006, and that number ballooned to 60,0000 to 80,000 per month in 2008. It’s estimated that there’s a new variant released every 30 seconds. Although antivirus software coupled with intrusion detection solutions is the front line of defense, it fails to detect malware 20–62% of the time. 4. distributed denial of service attacks. Distributed denial of service (DDoS) attacks are growing in number and in size. DDoS attack size continues to outpace the size of average dedicated Internet access circuits. According to a 2008 worldwide infrastructure security report by Arbor Networks, 57% of ISPs have reported attacks larger than 1 Gbps. Attacks of this size can cause prolonged outages of prominent Internet facing services, such as online bill pay and VoIP. 5. attack sophistication. Because many companies have put in infrastructure to mitigate simple attacks, the attacks are evolving and becoming more sophisticated, and they’re overwhelming network transactions on the back end instead of on the Internet facing side. DNS-based abuses like PRNG name generation, DDoS vectors and rouge DNS servers are common. Another attack vector is the router. Wormable attacks like Conficker can compromise as many as 2 million systems or more. Attacks of this magnitude are difficult for companies to prevent on their own with internal resources, and many are turning to cloud providers who can dedicate the resources to a more sophisticated security system. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 2 All marks are the property of the respective company. September 2009. WP101112 1/10
  • 3. mitigating thrEats: thE kEy layErs Of cOntrOl tO bE mOrE PrOductivE There are some key layers of protection that should be implemented to provide effective threat prevention and mitigation. For example, service providers can deliver security services to prevent the effects of phishing on enterprises by screening traffic before it enters the enterprise network. This capability enables users to be more productive, as well, because it lowers the infection risk and rate, and removes the burden of deleting spam and filtering out bad email. To fight malware, organizations need a combination of anomaly detection, customer premise equipment and ISP in-cloud security systems. When implemented only at the network’s perimeter, Intrusion Dectection or Preventions Service (IDS/ IPS) devices will drop unauthorized packets but cannot prevent a DDoS attack, because the number of packets would cause disruption to the Internet link. If you mitigate DDoS attacks in the cloud, the packets are dropped in the cloud, so only filtered traffic would travel to the corporate network. Using cloud services mitigates security issues away from the network to preserve people and resources, is often transparent to users and requires no additional hardware or software to be installed on the premise. Another security challenge involves the increasingly mobile workforce. Most companies have security at the perimeter because, historically, most system attacks occur there. However, as more employees work remotely, there’s a need to expand security to the laptop and other mobile devices and enforce endpoint compliance. One interesting technology available is endpoint compliance software offered by companies like Symantec, Checkpoint and Fiberlink. This technology allows you to enforce that end users use firewall and antivirus software any time they access the network remotely. Endpoint compliance software enables you to ensure all endpoints are compliance with corporate security policies by pushing out the latest patches and updates. In this way, you can be certain remote access points are not vulnerable to the latest exploits. There are a multitude of technologies are available for each layer of the network. It’s important to layer on all of these technologies for complete protection against all possible threats: • System level: Encryption and Human Interface Devices (HIDs). • Network perimeter: Firewalls, malware filters, IDS/IPS systems, content filtering, data leak prevention, spam filters and vulnerability assessments. • Cloud: DDoS mitigation, firewalls, malware filter, spam filters and vulnerability assessments. • Mobile devices: Firewalls, malware filter, anti-sypware, disk encryption, data leak prevention, and endpoint compliance. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 3 All marks are the property of the respective company. September 2009. WP101112 1/10
  • 4. dO mOrE with lEss — wOrk with a PrOvidEr tO incrEasE succEss Security budgets are continuing to feel the strain of the current economy. Unfortunately, network and system threats won’t take a break, even in a down market. The financial consequences of a breach will be even more devastating, so it’s important to invest wisely when planning your network security strategy. Evaluate the attack service in your network and determine what areas are critical to your business. As you anticipate your company’s future security needs, you may decide to partner with a service provider who can offer expertise and resources that you don’t have in-house. The benefits include predictable costs and solutions that have been designed, implemented and vetted in production environments. Working with a provider, you can avoid technology obsolescence and offload the heavy lifting while redirecting your own resources to revenue-generating efforts. Whether you take on the task of securing your network alone, or consult a partner, don’t ignore the threat, and take a layered approach to protect your network from every angle. CoNNeCt. SimPliFy. eNhANCe. ® with Qwest Business Solutions® Qwest is focused on helping you work smarter, with services that leverage the latest technology and award-winning support. Here are a few solutions that can address the issues covered in this solutions brief: managEd sEcurity sErvicEs With Managed Security Services, Qwest can administer and monitor your network on your behalf while you concentrate on other mission-critical elements of your business. Let Qwest allow you to focus on what’s important—your business. And, save you time and money through the use of our expert tools, skills, and processes to improve system uptime and performance, optimize security investments, improve employee productivity, and demonstrate compliance. Tools such as Qwest Anti-Virus/ Anti-Spam, Qwest Web Defense, and Qwest Managed Firewall create layers of protection to help reduce the costs and complexity associated with managing security while preventing the impact of security threats. why QwEst Qwest delivers reliable, scalable data and voice networking solutions, across one of the U.S. largest fiber footprints. Qwest serves businesses of all sizes, ranging from small business to 95 percent of Fortune 500 companies, with industry- leading SLAs and world-class customer service. lEarn mOrE For more information about Qwest voice and data services for large businesses, visit www.qwest.com/business or call (877) 816-8553 to speak to a Qwest representative. Copyright © 2009 Qwest. All Rights Reserved. Not to be distributed or reproduced by anyone other than Qwest entities. 4 All marks are the property of the respective company. September 2009. WP101112 1/10