INDUSTRY FOCUS: ENTERPRISE
Protecting Large Enterprises from Advanced Global Cyber Threats with Real-Time Actionable Threat Management
5 INDUSTRY NEEDS:

1. Cyber attacks against Enterprise-class organizations are increasing in frequency and severity each year. Malware exploits are the biggest security threat to enterprises while Advanced Persistent Threats (APTs) are fueled by monetary gain and cyber espionage warfare. Ransomware is now a global plague on enterprises worldwide: 40 percent of enterprises have been hit by ransomware in the last year.
2. IT departments are plagued with budgetary and resource constraints, resulting in a lack of investment in new and effective network security technology. In a 2016 survey of security professionals, only 49 percent are satisfied that they have the technology, processes, and expertise to prevent a damaging cyber attack.
3. Situational awareness is needed to increase network visibility and to identify and investigate anomalous behaviors. Network visibility can help enterprises discover things about their networks and user behaviors that were never before realized, and as a result can help enhance security policies.
4. IT departments face mounting pressure to implement and manage IT tasks in order to achieve business goals. IT departments have become less security-focused and more business-management focused.
5. Due to the extremely large and interconnected networks within global enterprises, a scalable and comprehensive network security solution with real-time monitoring is needed to protect sensitive customer information and corporate intellectual property from both external and insider threats around the clock.

PERSPECTIVE

The number of data breaches continues to escalate for 2016 and the threat of cyber attacks continues to monopolize the news headlines around the world, raising concerns among corporations and consumers. The Identity Theft Resource Center Breach (ITRC) reports that
Tactical FLEX, Inc.
there have been over 600 data breaches recorded this year with more than 21 million records exposed since the beginning of the year. This figure is more than 14 percent above the number reported for the same period. The business sector topped the breach list while the Health and Medical sector came in second place. The Banking/Credit/Financial sector ranked third, and in fourth place is the Government and Military sector. According to the Verizon 2015 and 2016 Data Breach Investigations Reports, cyber threats have been increasing in sophistication, but many criminals still rely on decades-old techniques such as hacking and phishing. No sector, locale, or organization is safe from attacks. The attackers behind this year’s incidents were external actors fueled by financial gain. They implemented attacks by means of hacking, malware distribution, phishing, and social engineering. Unfortunately, as the time for attackers to compromise a target decreases, so too does the time for companies to discover a security incident. A concerning trend also observed is that of hackers managing to remain on organizations’ networks for extended periods of time without being detected. Hence, there are probably many more enterprise victims whose networks have been compromised without knowing it. The Cyberthreat Forecast predicted that more cyber attacks against larger corporations and enterprises will also take place on a global scale. Aside from the United States and Western Europe, countries in Southeast Asia, Eastern Europe, and the Middle East will also be heavily affected. Fueled by monetary gain, cyber criminals are utilizing a blend of advanced attacks to siphon sensitive information while cyber espionage spies are accelerating extensive cyber intrusion efforts to perpetrate economic espionage. The Pentagon believes that attempts to collect U.S. technological and economic information will continue at a high level and will represent a growing and persistent threat to U.S. 
economic security. The U.S. is now facing a massive transfer of wealth in the form of intellectual property which will change the competitive global economic climate and negatively impact the economic prosperity of the U.S. The one positive finding in the forecast is that the bombardment of high-profile security attacks and data breaches has given cybersecurity a higher priority overall. The Economist Intelligence Unit (EIU) conducted a survey among C-suite members with respondents representing a range of industries in 16 countries. The EIU reported that the greatest damage that cyber attacks could do to their companies is the loss of consumer trust through reputation damage. Brand reputation is also seen as a fragile asset. All of the companies targeted in the top ten cyber attacks in the last five years have been hit with shareholder or customer lawsuits. The survey further reported that respondents are not only concerned about the consequences of an attack but also the likelihood that a successful attack will happen again. The Ponemon Institute recently conducted a survey and found that companies experience an average of more than one cyber attack per month and that external cyber attacks cost the average enterprise an alarming $3.5 million a year. Large organizations overall are more visible to attackers, which increases the likelihood of an attack on their IT systems. Enterprises with more than 2,500 employees are most targeted by cyber attacks. Top U.S. cybersecurity officials have also uncovered that corporate hacking has become more widespread and according to the Insurance Journal, "at least a half-dozen major U.S. companies whose computers have been infiltrated by cyber criminals or international spies have not admitted to the incidents despite new guidance from securities regulators urging such disclosures." Advanced Persistent Threats (APTs) have received a great deal of
attention in large part because of the significant publicized attacks against the information assets of major enterprises. In the U.S. alone, nearly 80 percent of enterprise companies have suffered a cyber attack in the last year and more than half experienced a ransomware incident. According to Security Magazine, 40 percent of enterprises have experienced a ransomware attack in the last year, and of these victims more than a third lost revenue and 20 percent had to stop business completely. Ransomware has now evolved into one of the biggest cyber security threats worldwide. The escalating number of cyber intrusions aimed at large enterprises can also be attributed to a number of unique factors and challenges. IT departments are plagued with budgetary and resource constraints. Pricewaterhouse Coopers reported that many CIOs endanger their companies by not spending enough on security. As the cost and likelihood of security breaches increase, CIOs need to elevate security measures. According to CIO Magazine’s Enterprise Security Spending Research, most of the enterprise security spending is still hidden outside of any dedicated, centralized IT security budget. Only 42 percent of IT security executives surveyed have such dedicated IT security budgets in place, while a large percentage of corporate security managers are also less optimistic about any increase in budget growth expectations. This scenario curtails any desire to invest in capable security technology in order to improve operational productivity, as well as the detection and prevention of advanced security threats. The important survey also revealed an intense business-side pressure to deploy and manage IT to achieve business goals, resulting in the reduction of IT consulting spending as part of the corporate security budget, where it exists. The focus on achieving business goals has led IT departments to become more reactive and business-management focused instead of security focused.
In addition, the task of securing an expansive, interconnected, and geographically dispersed enterprise computer network is challenging and complex. Large enterprises overall face many challenges and security regulations and also have many opportunities to lose critical data that can jeopardize the business operations, corporate data, and vital customer base. Due to the extremely large and interconnected networks within global enterprises, a scalable and comprehensive network security solution with real-time monitoring is needed to protect sensitive customer information and corporate intellectual property from both external and insider threats around the clock. Malware exploits are the biggest security threat to enterprise security. Cyber criminals are still targeting Microsoft Windows systems in an enterprise environment while Advanced Persistent Threat malware has become more aggressive at siphoning sensitive protected corporate data for monetary gain and cyber espionage warfare. In addition, exploit kits such as Ransomware are used by cyber criminals as an effective generator of revenue, and enterprise employees appear to be the preferred target. Lack of visibility has been the biggest obstacle leaving employees open to attacks.

WHY LEADING ENTERPRISE-CLASS ORGANIZATIONS RELY UPON AANVAL:
• To proactively monitor and respond to all security breaches, including malware exploits, Ransomware variants, and advanced persistent threats (APTs), with the goal of preventing data breaches as well as reducing remediation expenses.
• To deliver a market-leading network security solution that will also provide substantial cost savings, while improving security risk management practices and meeting regulatory requirements and business goals at the same time.
• To drive operational efficiency through the intelligent use of automation technology. Aanval’s automated database management simplifies the security tasks of capturing and managing a large number of security events as well as creating valuable user and database activity reports to monitor both external and internal insider threats, and delivering real-time alerts.
• To obtain real-time situational awareness in order to quickly and accurately summarize network event information and provide IT departments with the resources they need to identify actual risks and make sound decisions during critical moments.
• To effectively deliver crucial scalability to accommodate additional network growth and to also manage, archive, and store more than 1 billion events.
• To improve network security posture across all networks including WLAN network devices, thereby protecting all critical assets and e-commerce websites.
TACTICAL FLEX, INC. SOLUTIONS

Cybersecurity attacks against enterprises are continually evolving and targeting more large firms. These security events, if successful, can damage business reputations and lead to financial losses, legal actions, loss of revenue, or potential liability. According to a 2016 study released by Ponemon Institute, most IT and information security leaders are aware of the risk and high cost of external internet cyberattacks, but only a small percentage believe their business is equipped to handle them. The Enterprise Security Spending Trends paints a bleak reality that “security strategies have not changed very rapidly in response to these strong trends sweeping through IT. The trends of today are not having a transformative effect on IT security strategies.” More than ever, enterprises and CIOs need to become more prepared to deal with today's growing cyber menace. Implementing a common-sense security risk-investment approach means adopting and investing in high-tech security solutions. In order to effectively prevent successful security breaches from actualizing and becoming a persistent threat, a complete network security solution with situational awareness and a strong intrusion detection technology is required. Tactical FLEX, Inc. understands that large enterprises need a comprehensive, scalable, and affordable real-time threat management solution that gives large corporations the technological power and operational efficiency to accelerate the accurate detection of advanced security threats and pinpoint security risks in order to safeguard their critical assets and customer databases, as well as maintain regulatory compliance. Aanval’s SIEM and IDS cyber defense
solution provides around-the-clock monitoring of all in-bound and out-bound network traffic, including both user and database access activities, and the effective detection and prevention of malware exploits, advanced persistent threats, and ransomware variants. Aanval’s next-generation technology features include a unique situational awareness engine that allows enterprises to quickly identify which specific devices, services, and approximate areas of the network are most at risk and which are more likely to be a problem in the future. In addition, Aanval also delivers multiple source event collection, correlation and archiving, and false positive-reducing event validation that further delivers event analysis, making it simpler to investigate and prevent anomalous behaviors including advanced threats. Additionally, Tactical FLEX, Inc. is a trusted security vendor, with its products and services protecting over 6,000 organizations worldwide in more than 100 countries. Review Aanval products and Aanval services or contact us at 800-921-2584 to speak with our knowledgeable staff immediately.