Last year, Cisco Systems’ Talos security uncovered and stopped the largest Angler exploit kit operation in the United States, which targeted 90,000 victims per day and was projected to generate $30 million annually in ransomware payments. And that’s just one attacker. What’s even more concerning is that traditional security systems stop only about 40% of today’s attacks, according to Ars Technica.
Statistically speaking, your customers’ networks are highly likely to be compromised already. According to the “Cisco 2016 Annual Security Report,” more than 85% of organizations studied were found to be infected with malicious browser extensions. Additionally, current industry estimates indicate that the time to detection (TTD) for security compromises averages 150 days (5 months).
Some security researchers suggest browser infections are on the decline, but a study conducted by Cisco Security Research (also mentioned in Cisco’s 2016 report) tells a different story. The study examined 26 families of malicious browser add-ons from January to October 2015. Although the pattern of browser infections appeared to be on the decline, further analysis revealed another variable at work. HTTPS traffic increased during this same period, making it difficult to identify the indicators of compromise associated with the 26 malware families because encryption meant that URL information was no longer visible. What this research suggests is that not only are lots of companies already unknowingly infected, but it could take them five months to even realize it!
Full-Continuum Protection Is Needed to Mitigate Today’s Security Threats
The problem with most security protection solutions on the market is that they focus on only one aspect of security—prevention. As soon as an attack breaks through (or sneaks around) their defenses, they are programmed only to focus on preventing the next attack. Cisco security solutions, on the other hand, use a threat-focused approach that gives service providers control across the full attack continuum—before, during and after. Partners can see how the system was breached, what was done and what they need to do to mitigate the problem. This is highly valuable considering the majority of money spent on cybersecurity comes after a breach. Instead of hiring expensive consultants to come in and do the work, administrators can handle it themselves with information provided by Cisco’s security solutions.
Cisco ASA (adaptive security appliance) with FirePOWER Services is a key component of Cisco’s vision for consistent security policies across physical, virtual and cloud environments. The bundled security solution comprises a threat-focused next-generation firewall (NGFW) that includes URL filtering, application control, Cisco next-generation intrusion prevention systems (NGIPS), and Cisco AMP (advanced malware protection). With these security appliances, advanced threats are identified, contained and remediated without inhibiting service delivery or network flexibility, speed or scalability.