The SANS (SysAdmin, Audit, Network, Security) Institute recently debuted its top ten cyber security menaces for 2008. Twelve established white-hat veterans of security poured their knowledge and time into compiling this top ten list, which I will refer to as the CMW, or “Cyberspace Most Wanted”. I will provide a series of articles, each focusing on one of the hazards on the CMW. I will explain what they are and offer practical ways to mitigate these risks in your small and medium business enterprise (SME). I will also focus on the business issues rather than the technical attributes of the technologies that mitigate these threats.
It’s not surprising that number one on the CMW list is “Sophisticated Web Site Attacks that Exploit Browser Vulnerabilities – Especially On Trusted Websites”. Cyber criminals have focused their activity on the business sector because stealing business data has large financial payoffs. Many SMEs do not consider themselves as having data that is of interest to cybercriminals and quite often dismiss the need to properly address vulnerabilities in their infrastructure. In fact, the opposite is true: every business today collects data on employees, customers and vendors that is of interest to cybercriminals. Regulations such as the Payment Card Industry (PCI) Data Security Standards (DSS) mandate policies that SMEs are required to comply with. Merchants and service providers must achieve compliance with the PCI DSS to avoid serious penalties. A spate of credit card data losses has inspired the credit card companies to introduce this comprehensive standard to limit further incidents.
So what is the connection between browser-based threats and data security? Cyber criminals need access to your network to get to your data. An obvious way to lure millions of business users is to exploit vulnerabilities in popular and trusted sites, then infect poorly protected browsers. Through the browser, sophisticated crimeware can be deployed to the host network, and business data can then be harvested and stolen.
During the past few years, my systems integration firm has helped hundreds of organizations reduce vulnerabilities from attacks against their web gateway infrastructure. Note that I said reduce, not eliminate. Unfortunately, cyber security mitigation does not have a specific solution; it is a process with many parts. Cyber security solutions that have worked in the past do not necessarily work against present and future threats. According to Gartner, Inc., today’s Secure Web Gateways must include, at a minimum, URL filtering, malicious-code detection and filtering, and application controls for popular Web-based applications, such as instant messaging (IM). I would add end user training and awareness at the top of the list. Cyber security planning and implementation is not just about policy or regulations; it’s about saving your business!
For many small enterprises, the process of implementing and managing a comprehensive set of web gateway security tools and practices may seem daunting. Nevertheless, there are many things that can be done to implement a comprehensive gateway security solution. Here are some ways you can start:
- Implement a managed security plan – consider outsourcing your gateway security solution.
- Put a price tag on your data – It is not uncommon for an enterprise to treat all of its data equally, and as a result, squander significant amounts of money overprotecting it. Take the time to classify your enterprise data and save money by matching it with an appropriate protection solution.
- Conduct a Business Impact Analysis – put things in perspective by prioritizing business resources to be protected, and identifying the downtime tolerance of different business functions.
- Mandate end user security training – train users on the importance of security awareness, risks associated with social networks, Web 2.0 and attacks on popular trusted web sites.
Secure web gateway products and services for SMEs are available from a variety of providers. The usual security industry suspects all provide solutions to address the known vulnerabilities, and some enterprising providers have solutions that address the unknown threats through the use of heuristics and proprietary real-time algorithms.
A secure Web gateway sits between the edge of the network and the Internet to filter unwanted software, content and malware within users' Web and Internet traffic. Secure Web gateways also centrally handle enforcement of organizational and regulatory compliance policies. Below are some of the providers that offer products to address the secure web gateway challenges SMEs face today.
- Cisco (http://www.ironport.com)
- Cymphonix (http://www.cymphonix.com)
- Finjan (http://www.finjan.com)
- McAfee (http://www.mcafee.com)
- Mi5 (http://www.mi5networks.com)
- Secure Computing (http://securecomputing.com)
- SonicWall (http://www.sonicwall.com)
- Symantec (http://www.symantec.com)
- Sunbelt Software (http://www.sunbelt.com)
Lester Pierre is the CEO of the Wall Street Network. If you find this article beneficial to your company, please contact him at [email protected]
Additional information about secure web gateways can be found on my security blog at http://www.wsn.net/sites/blog/Lists/Categories/Category.aspx?Name=Cyber Security . In the next installment of this security series we’ll look at BotNets.