June 18, 2020
By Jim Anderson
It’s a whole new world. Cybercriminals are becoming more advanced in their attacks, utilizing multiple techniques to wreak havoc – especially given the new cybersecurity challenges that COVID-19 brings to the table.
Many of today’s cybersecurity offerings work in isolation, without one system knowing what the other is doing or experiencing. This siloed approach makes malware threats harder to stop. A lack of cybersecurity integration, combined with the way today’s networks are connecting to more devices than ever before, has created a cybersecurity landscape unlike one we’ve ever seen.
In the past, firewalls and antivirus software could get you pretty far. Today, those components are only part of what should be a comprehensive, layered cybersecurity approach that uses various techniques to protect endpoints, your environment, and your workers – both remote and in the office – from cyber threats. So what components make up layered cybersecurity?
First, it’s important to determine your current security status. This helps you get a handle on the problems you know about – and the ones you don’t. It can be done through things like penetration testing, vulnerability assessments, and risk analysis. Knowing where your weaknesses lie will help you decide how you’re going to stop unknown threats, deny attackers, and prevent ransomware and malware.
There are seven integrated components that should make up your organization’s layered cybersecurity approach.
1. Endpoint Protection
Look for more than common, signature-based antivirus protection. Adding machine learning and artificial-intelligence capabilities into your endpoint protection can help you detect known and never-before-seen malware that evade signatures altogether. This lets you take a predictive vs. reactive approach to endpoint security and blocks malware before it executes by detecting it within milliseconds.
2. Firewalls
Next-generation firewalls should offer deep-learning capabilities (like artificial Intelligence and machine learning) and have the ability to “talk” to your endpoints (and vice versa). When your firewall can gather information from an endpoint device to determine which application is responsible for generating unknown network traffic, you’ll get better protection and won’t have to worry about responding to as many incidents.
3. Email and Phishing Protection
Deep-learning capabilities are necessary in email protection, too. Email threats change daily – you have to defend not only against what’s happening today, but also what will happen tomorrow. Using artificial intelligence to block zero-day malware and unwanted applications can stop phishing attacks, detect fraudulent email addresses that impersonate trusted contacts, protect sensitive data, and reduce spam. When your email security is integrated with endpoint protection, automatic detection and clean-up of infected computers becomes simpler and more hands-off for the IT team.
Along with email/phishing protection should come employee education campaigns as well. Spend time training staff members on how to recognize legitimate vs. non-legitimate email traffic – and what to do if an email seems suspicious.
4. Mobile Management and Protection
Mobile device protection doesn’t do much good if productivity is sacrificed as a result. Look for mobile protection that offers app control (with a whitelist and blacklist of apps), reviews content for malicious activity, protects against malware and ransomware, has anti-phishing capabilities, and provides web protection and filtering.
5. Server Protection
All-in-one server protection that uses deep learning gives you the ability to analyze your security posture at any time while you also stop unknown threats, block exploits, deny hackers, and prevent ransomware. Your server protection should be able to share data between the server and firewalls for better, faster, smarter, and automatic protection.
6. Encryption
The process of keeping data safe shouldn’t be one that slows down work practices – it should be transparent to employees. To protect company information, look for the ability to encrypt content as soon as it’s created – with continuous validation of the user, application, and security integrity of a device before it accesses encrypted data. Once encrypted, the files should remain secure despite how and where they’re shared.
7. Web Protection
Prevent unsafe web browsing and monitor web traffic with web protection that offers URL filtering, content scanning, and malware defense during browsing. This prevents network users – whether they’re onsite or offsite – from accessing content or sites that are known for malware.
Synchronized Security from CEC Partner Sophos
To simplify security and unify your cybersecurity defenses, CEC partners with Sophos to offer layered cybersecurity through Synchronized Security: endpoint, network, mobile, email, and encryption products that share information in real time, work together, respond automatically to incidents.
This partnership gives you access to a system that blocks all known ransomware and tracks every incoming threat, its impact, and how to stop it.
Through deep learning, your layered cybersecurity protection can actually learn from the data it collects and make changes without manual intervention, making an IT department’s world a little bit more peaceful.
Want to learn more about your current cybersecurity posture or how you can improve it? Call us at 319-294-9000 or send me a note at jim.anderson@cecinfo.com.
Jim Anderson is the general manager for the AV, IT and structured cabling teams at Communications Engineering Company (CEC).
