Securing the Digital Transformation

Key Takeaways from Cisco Live Berlin 2017

Digital Transformation is the Core of Every Business

2016-2017 introduced the era of Digital Transformation. Digital transformation is the change associated with the application of digital technology in all aspects of human society. Digital transformation inherently enables new types of innovation and creativity to increase business competency rather than simply going paperless.

Ruba Borno PhD, Vice President Cisco Growth Initiatives, shared Cisco’s vision that the only future-proofed solution for digital transformation is a next-generation secure network. Security is no longer static, and securing all the organization’s access points is no simple task. IoT, mobile work force, cloud applications and increased sophistication of attackers and attack methods require better preparation. Organizations need to fundamentally change how they build, manage and secure networks.

Digital transformation was the apparent theme across this year’s Cisco Live Berlin. With security becoming the key enabler for any organization IT investment, this paper covers the key trends in securing the digital transformation, along with new solutions announcements covered at Cisco Live Berlin 2017.

Attackers Are Relentless; Defenders Are Tired

Attackers have infinite time to plan their next attack: choose a victim, gather intelligence, select the right attack tools, test them, coordinate an attack and then launch the attack at their convenience. There are plenty of attack tools available at the Clearnet and the Darknet, and there are plenty of opportunities to strike again and again – till success.

Defenders, on the other hand, have to overcome every attack attempt. They do not have a second chance. They have limited budget, their job is at stake, and they need to keep up with education, training, selecting the right solutions and maintaining an effective security posture.

This is where the difference between detection and protection becomes critical. To protect against attacks you need first to detect that you are under attack. Security solutions often focus on shortening the time to detect. Yet, they also need to shorten the time to protect – this is where automation becomes important. Solutions that automate more stages of the attack lifecycle will be more successful in dealing with the more dynamic, automated attacks organizations experience today.

[You might also like: As Cyber Security Programs Lose Their Moorings to Ransom-DoS: Radware Introduces the Ultimate Guide to Cyber Ransom]

Ransomware Becomes a Major Threat

I urge you to watch ransomware – an anatomy of an attack. This video, played at multiple Cisco Live sessions, provides an insight to an attacker’s daily work. It is about the details. The attacker does not need to develop any tool or software. They only need to select the right tools from an endless variety and use them smartly.

DDoS attacks have also joined the mix of ransom attacks by slowing down organization operations and even completely shutting down their online presence.

What can you do against ransomware? Although widely discussed during multiple sessions at Cisco Live Berlin 2017, I have not seen a solution that is truly designed to address this threat. Cisco speakers discussed a multi-layered security approach where they highlighted some capabilities in their solutions that can help improve a business security posture against the ransom threat.

What can you do to fight this threat? As always, prevention is the key. And prevention is about education, education and again – education. Attackers lure employees to open unsolicited mails, download software updates and harness multiple social engineering techniques. You need to be more suspicious and ask yourself if this is a safe operation beforehand.

DDoS Attacks Are On the Rise

We know how to protect endpoints – desktops, laptops and other mobile devices. We know how to protect our enterprise network. We use firewalls, intrusion prevention systems, anti-virus, anti-malware and other perimeter network security solutions.

What we do not know is how to protect infrastructure against DDoS attacks. Data centers, service providers and cloud providers are all vulnerable to network flood attacks. The recent Dyn attack and the celebrity Mirai botnet are clear reminders that we need to get ready.

IoT is a real threat. We are adding 1 million devices per hour to the internet and the majority of them are directly accessible with no or limited security measures. A 1 terabit-per-second DDoS attack is expected this year 2017.

We need to think differently. DDoS attacks are not a problem of specific organizations. It is a problem of the community. Attack mitigation should start at the service providers’ network and leverage to the enterprise data center. It should be more simple and manageable.

Effective Security: Keep It Simple

Digitization has created unprecedented growth opportunities. With more than 50 billion connected devices estimated by 2020 (According to Cisco), business leaders are questioning how new digital trends will impact their business — but so are the active adversaries seeking to profit from well-organized cybercrime operations. As the attack surface continues to expand, so has the need for a more effective approach to security.

According to Cisco, a typical organization deploys some 50 different security devices and solutions in their network and data centers. Every new solution contributes an incremental level of security; however, it increases network complexity exponentially. The challenge of effective security is not what to secure, but how to manage it?

The answer is keeping it simple. Security that is integrated, automated and simple to manage will be foundational to the success of digital businesses as they work to deliver protection from the network to the mobile user and the cloud — wherever employees work and data resides.

Did I mention automation? David Ulevitch, VP Cisco Security Business Group, discussed automation. His view is that the only way to win the cyber war is through automation: let the machines run the machines.

This is the path to effective security. It’s a continuous process, not a one-time effort.

[You might also like: Validating Cisco’s Threat-Centric Security Solutions]

Cloud Is the Secret Weapon

The secret weapon in our security toolbox is the cloud. Why? Here are few arguments:

a) Cloud offers elastic and unlimited resources. You can use compute and storage for data collection and analytics to look at user behavior. This helps you make the right security decision per user, per transaction or per location.

b) Cloud offers the ideal management and control for all enterprise applications – on premises and in the cloud.

Look for cloud as an integrated solution. If the vendor offers you APIs – move on. You do not have the time or the resources to use APIs.

ACI at New Heights

I recall John Chamber’s keynote from Cisco Live 2015, where he admitted that Cisco was late in identifying the SDN (Software-Defined Network) market. John promised that Cisco was going to fix that. Indeed Cisco introduced its flavor for software-defined networking called Application Centric Infrastructure (ACI). ACI is Cisco’s foundation for the Software Defined Data Center (SDDC) initiative.

At the event, Cisco announced that it further expands ACI – turning it from a pure data center solution to a multi-site solution. Cisco introduced multiple data-center automation tools, further empowered its ACI ecosystem with more than 65 technology partners and launched a new ACI marketplace so users can share their ACI applications and blueprints.

Why Cisco leaders believe that ACI will win the SDDC market? Because it is application-centric and introduces operational simplicity. Did I mention automation?