Creating a Secure Climate for your Business


Today’s IT landscape is constantly evolving and looks drastically different than it did a few years ago.

Your network and infrastructure are more digitized and complex due to new, emerging technologies (like IoT, edge computing, APIs and bots), and applications are more customer-centric, cloud-native, and public-facing. 

With users, devices and applications everywhere, IT teams and security professionals are struggling with visibility of the network and trying to understand the following:

  • Are users legit or malicious?
  • What is on the network and how does it connect?
  • How vulnerable are our clouds? Who/what accesses it?
  • How can we view and secure all connections?
  • What exists in the cloud and how does it connect?
  • How do you protect something you can’t see?

First, Understand the Threat Landscape

First, we need to understand the threat landscape and how it impacts security considerations in network infrastructure, applications and the cloud.

Environments – We see greater movement towards the cloud across all industries, including multi-cloud environments. The traditional data center has morphed into a private cloud and at the same time, many applications hosted locally are now hosted in multiple public clouds. This has changed the threat landscape considerably, as the attack surface is now much wider and more vulnerable.

Technology – In response to changes in environment, technology is likewise changing and creating the following main threats:

  • API – With APIs becoming the main information corridor between applications, threat actors are starting to find ways to abuse them. Case in point: per Radware’s most recent global survey, API attacks have become one of the most common types.
  • Bots – Bots are becoming increasingly sophisticated; they can mimic human behavior by using keystrokes and mouse movements, take over user accounts, scrape data, hold inventory and disrupt services. Unfortunately, almost 80% of organizations cannot make a determinative distinction between a ‘good’ and a ‘bad’ bot.
  • IoT – International Data Corporation (IDC) estimates that by 2025, there will be 41.6 billion connected IoT devices generating 79.4 zettabytes (ZB) of data. IoT devices have no standard of security built in, and the burden of their security vulnerabilities is something that enterprises have never had to deal with before.
  • SSL – SSL is now going to be based on UDP/DTLS and QUIC; SSL-based attacks, which previously impacted mainly e-commerce and financial services industries, may very well affect all industries moving forward.

  • Workload – Transitioning to the cloud means losing visibility and control over computing assets. Cloud-hosted workloads are managed remotely, making it difficult for security teams to supervise access to sensitive cloud resources. As a result, many organizations are unable to prevent cloud misconfigurations, identify cyberattacks as they are happening and respond in time.
  • Processes – The speed of business and availability of technologies lead to multiple teams in the organization that are using digital assets and handling data. Company information is no longer in the hands of IT; DevOps, cloud architects and even marketing are all making independent decisions and gaining greater influence on the overall security posture, and security staff is in a constant chase.
  • Visibility – As technology, environments and processes are changing, blind spots are created. How do you protect what you can’t see? The complexity of keeping up with quickly changing network environments has made visibility a growing and major issue.

Next, Focus on Key Protections

This all sounds like a lot to deal with and I definitely see how overwhelming it can be. But the good news is there’s a lot of synergy in the challenges that can be covered. If I could consolidate them, I’d narrow it down to two key areas that security practitioners can focus on:

  1. Your workplace. It’s critical to gain insights into users and devices, identify threats and maintain control over all connections in your network. Specifically:
  • Protect your network from volumetric and complex DDoS attacks. Use user behavior-based detection and real-time signatures that block zero-day attacks, IoT/bot attacks, DNS-based attacks, burst attacks and SSL/encrypted attacks.
  • Protect your applications from advanced web application attacks such as the OWASP Top 10. Use a behavior-based detection system with auto-generation policies that reflect a simplified user experience and end-to-end security. Examples include protecting your API gateway, web-based applications and anything HTTP/S that is open to the internet.
  • Protect against sophisticated bot attacks. Allow precise bot management across all channels of your network, applications and users (web applications, mobile apps and APIs) by combining behavioral modeling for granular intent analysis, collective bot intelligence and device fingerprinting. Bot solutions should protect from all forms of account takeover, denial of inventory, DDoS, card fraud, web scraping and other OWASP automated threats while also reducing expenses and increasing revenue.
  • Monitor application availability & performance – Ensure your applications’ SLA and ensure agility and elasticity in the data center and multi-cloud.

  2. Your workload. Moving workloads to a public cloud means new threats. Putting internal resources in the outside world creates a larger vulnerable attack surface, and external threats that could previously be contained can now strike directly at the heart of an organization’s workloads. In other words, when your inside is out, the outside can get in.

What should you look for in the right security solution?

  • Comprehensive protection – protects overall cloud security posture as well as workloads
  • Smart hardening – reduce attack surface by eliminating promiscuous permissions
  • AI-based detection – advanced machine learning algorithms to detect data theft
  • Cloud native – agentless, low touch easy deployment

Read Radware’s “2019-2020 Global Application & Network Security Report” to learn more.

Yaniv Hoffman

Yaniv Hoffman brings more than 20 years of experience in leading high-performance engineering and service teams, specialized in networking, cyber-security and cloud operations. Mr. Hoffman is the Vice President of Technologies. In this role he is responsible for APAC engineering teams (Pre-Sale, Post Sale, Architecture, Professional Services), and drives innovation in technical solutions and delivery while leading sales activities across the region. Prior to this role, he managed the global technical services in Radware, overseeing all customer engagements and customer success.
