We’re under attack, and to say organizations across the board are slow to respond is an understatement. On average, it takes the enterprise anywhere from nine to eighteen months to identify that a security breach has occurred.
How much data do you think the bad guy is able to exfiltrate in that period of time? All of it!
The demands for Cyber Security, amid the ever-increasing pressures in the enterprise for bigger, better, faster and yesterday, have become a huge challenge for any administrator and/or security professional.
Within the plethora of technologies, demands from users and compliance, keeping the organization’s most prized assets – their data – safe is a highly complex task. Time and again, the age-old problem perpetuates a weakened security posture. Is this Groundhog Day reality the result of highly sophisticated and innovative threats? Are attackers all of a sudden much smarter and more coordinated?
Some may be, but breaches continue because of neglected basics: poor patching practices, inadequate network hygiene and, ultimately, an end-user population that is ill-equipped to combat the ever-evolving threats bombarding their inboxes.
Case in point: most of the headliner breaches within the past year involve users and email. Users click on an email, are directed to a malicious site and the fun begins. Ransomware, anyone?
While there is no magic wand in the war against Cyber Attacks, the key differentiator in successful mitigation of risk lies not only in the fundamental product choices but especially in how we operationalize those solutions and their features. Citrix provides an ideal solution for enabling organizations to establish a locked-down, secure infrastructure that at the same time enables users by providing more freedom than ever before.
Where do we begin?
Let’s pause and say that it’s critical to understand behavior. Behavior is unique to each and every network. You must understand what is “normal” in each of your environments to have any chance to identify when a real problem exists.
A starting point is to design specific logical layers, isolating critical data and assets to enable a defense-in-depth strategy that will stand up to the strongest adversaries. What would a robust design look like?
Basic components would be laid out like this: isolation begins with NetScaler, providing secured and flexible access to any portion of the infrastructure. Inside the network, virtual desktops and virtual applications would be deployed with purposeful decisions regarding policies and controls to ensure business resiliency as well as the confidentiality, integrity and availability of data. Following that, data classification and enterprise mobility management ultimately provide flexible access as needed, on any device at any time.
The entire environment should be configured with forensics and auditing in mind, thus enabling log collection and task automation to deal with critical items as they are discovered. Designing the environment with security deliberately integrated from the start will position your organization not only to combat today’s threats but also to be a force to be reckoned with in the future.
Whether you’re in a highly regulated industry or a small business that cannot afford a breach, come and learn how the Citrix product suite is key in every Cyber Security Strategy. My theater presentation at Citrix Synergy 2016, SYN506: “Strategies of a Cyber Warrior” is on Thursday, May 26th at 2:30pm.
Connie Barrera, CISO, has more than 24 years of experience in the IT industry. As the CISO, she is responsible for developing policy, standards and security architecture for the enterprise. Connie holds the following certifications: MCP, MCSE, CCNA, CCM, CCA, CRISC, CISA, CISSP, ISA, PCIP and CCP-M. She has been a presenter at leading industry events, including Citrix Synergy, since 2011. Follow her on Twitter: @conniebarrera1