Security can’t wait any longer; it needs to evolve now.
The world of work has changed — radically. With more users working from anywhere, security gaps are widening.
IT teams have less visibility while employees have more control than ever before over the applications they use, and where they use them. Many of those applications have moved to the cloud, allowing remote and roaming employees to connect directly to those applications and bypass the VPN. Those same cloud apps make it easy to collaborate and share information, not just within your company but with outside collaborators, too.
With critical infrastructure, applications, and sensitive data now stored in the cloud, attackers have even more incentive to target endpoints as their easiest point of entry. With ransomware on the rise, and more branch offices having direct-to-internet access, the question remains: Why are we treating today’s new challenges with yesterday’s approach to security? Security can’t wait. It’s time to take action.
The threat on endpoints is massive.
The way we work isn’t the only thing that has evolved. Security threats have changed, too. Today, an estimated 70% of breaches originate on endpoint devices. Why are endpoints the primary point of entry for attacks?
- Gaps in protection. When users and endpoints are off-network, antivirus is often the only protection available. This is not enough to handle today’s advanced threats, including zero-day exploits. 57% of organizations say that mobile devices are one of the most challenging areas to defend.
- Lack of visibility. Organizations have limited visibility into user and endpoint activity, and they lack the context to see malware — where it came from, where it’s been, and what it’s doing — once it lands on an endpoint. You can’t detect what you can’t see.
- 197 days Industry average detection time for a breach
- 69 days Industry average time to contain a breach
- User error. An attacker sends out a phishing email with a malicious attachment or link. Despite training and/or countless warnings, users inevitably click on things that they shouldn’t.
- 48% of attackers bypass endpoint defenses due to user error
- 56% of organizations say that user behavior is one of the most challenging areas to defend
It’s time for effective security that’s simple, open, and automated.
Attackers are getting smarter, faster, and harder to catch. Ransomware in particular has grown into a billion-dollar industry as targeted attacks become more frequent. According to Cyber Security Ventures, a new organization will fall victim to ransomware every 14 seconds in 2019, and every 11 seconds by 2021. What’s more alarming? Ransomware is expected to cost businesses 11.5 billion in 2019.
The evolution of how we work and the evolution of internet threats together add up to a new reality for IT. You can no longer rely on network-level protections alone to keep your data secure. Traditional security can’t extend protection to mobile users or handle the exponential increase in internet traffic. Secure web gateways, firewalls, and sandboxing are important tools — but they provide help only after an attack occurs.
Today, you need deep visibility into what users are doing on their endpoints, what’s happening with the files located there, and where that endpoint is trying to connect to on the internet. And you need the control to stop malicious behavior as soon as it’s detected. Fortunately, security has evolved to meet these challenges with solutions that are simple, open, automated, and effective.
Protect every endpoint, everywhere.
Umbrella is a cloud security platform that provides your first line of defense against threats on the internet, whether your users are on or off the corporate network. Umbrella gives you complete visibility into internet activity across all locations and endpoints. Plus, it monitors and analyzes attacker infrastructure to identify and proactively block malicious requests before a connection is even established. Umbrella resolves over 180 billion DNS requests daily, far more than any other security vendor, giving our researchers a unique view of the internet to better identify trends on threats, faster. Umbrella helps organizations stop attacks earlier, identify already infected devices faster and prevent data exfiltration.
Cisco AMP for Endpoints
AMP for Endpoints is cloud-managed, next-generation endpoint security that analyzes unknown files and automatically blocks malware from trying to run on endpoints. It continuously monitors and records all file activity on endpoints, regardless of file disposition, to quickly spot malicious behavior. AMP then shows the complete recorded history of the malware’s behavior over time — where the malware came from, where it’s been, and what it’s doing, enabling you to retrospectively detect and remediate threats once thought to be benign.
A one-two punch against attacks.
Cisco Umbrella and Cisco AMP for Endpoints provide your first and last lines of defense for today’s threats, anywhere users go. Together they provide the visibility, context, and control needed to prevent, detect, and respond to attacks, before damage can be done.
Avoid the aftermath with a before strategy.
To secure against ever-evolving threats across an ever-increasing attack surface, you need more than one line of defense. Backed by industry-leading Talos threat research, Cisco Umbrella and Cisco AMP for Endpoints give you seamless protection from the DNS layer to the endpoint. Together, they provide the visibility and control you need to protect users against malware, phishing, and command-andcontrol callbacks — wherever they go and whichever devices they use.