Know the threats that come to us. Get ready with CISCO UMBRELLAMaria Cruz Alcocer
Know the threats that come to us. Get ready with CISCO UMBRELLA
The great security threats in 2018
We are preparing for an action-packed 2018. Incidents such as the WannaCry attack, which affected more than 200 thousand computers around the world in May 2017, are only the warming of a new year of more virulent malware and DDoS attacks. Get ready with CISCO UMBRELLA
We find a large number of internet connectivity devices “Internet of Things”. We are not aware of its effect on our network. A printer? A sensor in my production chain? Smart TV? They are weak points within the security of your network and that seriously affect your business. It has no limits, it occurs both in companies and in homes.
According to several security studies, the main threats that we will face in 2018 are:
1.- Malware will be fired without files and with light files.
Malware without files and with little file load will represent a significant threat.
2.- Security in software in the cloud will continue to be a challenge.
The adoption of SaaS continues to grow rapidly, as organizations embark on digital transformation projects to boost business agility.
3.- Ransomware, now against home devices.
This is a type of malware attack in which the computer or device of the victim is blocked or encrypts all your information, until it pays a ransom. They take advantage of the massive increase in connected household devices. In general, users are not aware of the threats against smart TV, smart toys and other smart devices, which are an attractive target for cybercriminals.
4.- The IoT devices will be hijacked and used in DDoS attacks.
Last year saw massive DDoS attacks using hundreds of thousands of Internet of Things (IoT) devices compromised in homes and workplaces. Criminals will exploit the poor security settings and the handling of home IoT devices.
5.- IoT devices will give persistent access to home networks.
IoT devices in the home will be used by criminals to provide access to the network. Home users do not usually consider the security of their IoT devices in the home; therefore, they leave the default configuration and do not update it, as they do with their computers. The attacker will always have a backdoor in the victim’s network and the systems to which it connects.
6.- The financial Trojans will continue to be very profitable.
Financial Trojans are among the first pieces of malware monetized by cybercriminals. From their beginnings as simple financial data collection tools, they have evolved to advanced attack schemes that point to multiple banks, send hidden transactions. The move to mobile banking based on applications has reduced part of the effectiveness, but cybercriminals are moving your attacks quickly to these platforms. And it is expected that the profits of criminals with financial Trojans will grow, which will provide them with greater profits even than ransomware.
7.- Risks in infrastructure as a service (IaaS).
Infrastructure as a Service (IaaS) has changed the way organizations execute their operations, offering enormous benefits in agility, scalability, innovation and security. But it also presents risks, with simple errors that can expose a large amount of data and end up with complete systems.
8.- Security in software in the cloud will continue to be a challenge.
Digital transformation drives the adoption of SaaS (Software as a Service). But this presents many security challenges, since access control, data control, user behavior and data encryption vary significantly among SaaS applications.
9. Attacks on the supply chain increase in speed and complexity.
Large companies usually have very secure networks, but their suppliers, contractors and customers do not necessarily. With publicly available information on technology, suppliers, contractors, associations and key personnel, cybercriminals can find and attack weak links in the supply chain.
10.- Criminals will use artificial intelligence and automatic learning.
Until now, artificial intelligence (AI) and machine learning have been used as protection and detection mechanisms. But this will change in 2018, as cybercriminals will use AI and ML to carry out attacks.
What is the current situation in our companies?
- 25% of our traffic does not go through our security perimeter.
A connected printer, sensors in my company … are devices that I do not easily control and we do not know in most cases the traffic they generate, they are attackable points.
- 49% of our workers are mobile.
A worker connected to the wifi of a hotel, restaurant, airport … is a potential threat.
- 82% of VPN users admit that they do NOT use the VPN.
They only use it to access applications that are in the company’s network.
- 70% increase in the use of SaaS applications.
- 70% of companies in multi-site environments have access to non-centralized internet.
Have non-centralized and independent internet access in each of our delegations and / or remote users and not give them all the same level of security.For all this we can say that the current situation of our companies is that “Much of my processes and my data go outside of my corporate network”
Solution CISCO UMBRELLA
What is CISCO UMBRELLA?
It is a security platform in the Cloud that offers the first line of defense against threats on the Internet wherever users are.
- Security solution that is supported by DNS requests.
- Simple to deploy.
- Evolve with threats.
- The browser-based interface provides fast configuration and continuous management.
- It provides visibility of Internet activity of all devices even when users are outside their corporate network.
What is included?
- Cisco Umbrella provides full visibility of Internet activity from all locations, devices and users.
- Block threats before they reach your network or endpoints.
- Protection against threats like no other: malware blocking, Call2back callbacks and phishing.
- Predictive intelligence: automates protection against threats by discovering attacks before they are launched.
- Global coverage in minutes: no hardware to install or software to maintain.
- Security Reports: Get a personalized summary of malicious requests and more, directly in your inbox.
- Confirm that corporate policies and practices for patches in applications and for the operating system are met.
- Perform deeper and more advanced security analysis.
- Back up data frequently and test restoration procedures.
- Perform a security analysis of the microservice, the cloud service and the application management systems.
Strategic security improvements should be made, as never before, and investments in technology to incorporate the best practices to reduce exposure to emerging risks.
CISCO UMBRELLA: security platform in the Cloud that offers the first line of defense against threats on the Internet wherever users are.