As 2019 came to an end, Imperva CTO Kunal Anand began working with our global research team, Imperva Labs, to put together a list of the most important cybersecurity issues security leaders should be prepared for in 2020. He published his list in the blog, “Top 5 Cybersecurity Trends to Prepare for in 2020.” Since then, we’ve been digging deeper into each of his five trends in blogs that examine risk and security strategies that can keep your business safe. Today, we’ve arrived at the fifth and final trend to prepare for in 2020: defense-in-depth.
Digital Transformation is a Driver
We know that digital transformation is definitely having an impact on every aspect of our business life. Increased efficiencies, higher revenue and improved communication are just a few of the benefits we are starting to see. But the urge to be online all the time via smartphones, laptops, tablets, smart speaker systems and even IoT devices, is putting a strain on the enterprise. The lines between corporate and personal become blurred as employees use personal devices to access corporate apps in the cloud, check email one last time before going to bed, or log onto the business intranet. And everyone – customers and employees alike – wants consistent, high-speed access to all the websites and applications they need, always and everywhere.
Digital transformation has an unexpected side as well, with serious implications for security and performance.
There is a new weakest link to be aware of: the point at which the enterprise-owned network connects to a third-party network – typically at major Internet hubs. Connections to potentially vulnerable API backends, weak security or older, vulnerable versions of operating systems on personal devices, password re-use, and increasingly sophisticated cyberattacks can spell danger for even the most security-savvy organization.
DDoS attacks remain attractive to hackers: In 2019 our team saw the largest-ever attacks, five times bigger than any previously seen. At the same time, spear phishing attacks are increasingly successful. They impersonate executives through business email compromise (BEC) to execute unauthorized wire transfers and use publicly available information to trick employees into giving up their credentials. It’s easier than ever to attack mobile devices that connect to corporate assets, converting them into vectors to attack resources, steal data, and slow down access to websites and apps.
In Search of Comprehensive Security and Efficiency
Traditional defense mechanisms are not able to keep up with the increasing power and agility of cyberattacks. That’s why it’s important to keep attacks as far away as possible from the corporate network and data center. In practice, that means mitigating them close to the point of attack – at the edge. Not only is this more efficient, it can have a positive impact on the user experience as well. This approach requires us to push strong security all the way to the edge, encompassing all devices – especially mobile devices, which are often the target of attacks.
Still, edge security is not enough. We need to take a much more efficient and comprehensive risk-reduction approach than we have in the past. Traditional approaches involved separate edge security solutions to combat DDoS attacks, provide protection for web applications, detect and deter malicious account takeover attempts, etc. Even worse, there were separate providers and solutions for protecting against external threats, bad bots, hackers, and insiders who have become internal threats. And separate solutions for protecting assets that live on-premises, in the cloud, and in mixed cloud environments – at a time when many organizations are in the process of migrating from one environment to the other. Different platforms, user interfaces, and management consoles lead to inefficient operations, bombarding security analysts with massive amounts of uncoordinated alerts and increasing the management burden.
A Better Way
Businesses need security solutions that protect applications regardless of where they live, that are integrated to share important data, that can analyze complex attacks and find patterns, and that make life easier for scarce talent like security analysts. Solutions that reconcile the often-conflicting requirements for speed, performance, scalability, and protection.
The best way to accomplish this is through security that provides true defense-in-depth from the edge to inside the application itself. The ideal scenario is a“layered” security model where malicious actors must pass through multiple gates in order to execute an attack, without introducing latency or jeopardizing essential business processes.
Imperva Application Security
At Imperva, we take a security-first approach that ensures an optimal user experience while managing risk. Our global network of full-stack PoPs ensures protection at the edge while guaranteeing optimal performance and speed.
The Imperva WAF inspects all traffic destined for customer websites and mitigates malicious traffic at the nearest PoP, allowing legitimate traffic to continue on its way. Our powerful DDoS protection stops attacks of any size in three seconds or less – an industry first (and best) SLA. Our content delivery network optimizes website delivery, improving performance while reducing bandwidth costs. Our bot management provides protection against all OWASP automated threats. Our Runtime Application Self-Protection (RASP) offers security by default against known and zero-day vulnerabilities. And Attack Analytics gives analysts a prioritized set of actionable security insights to improve productivity.
The Imperva Application Security suite delivers all this in a simple, flexible, and predictable licensing approach that lets you deploy regardless of whether your devices are in the cloud, on-premises or in a hybrid model.
Featured Webinar: Take on 2020 with Vision. Imperva CMO David Gee sits down with Imperva CTO Kunal Anand to discuss all the trends you should watch for in 2020. Watch here.