The Problem with Breach Detection

According to ITC, data breaches in the US increased 40% in 2016, and through the first four months of 2017 are up an additional 42% over the same period last year. Just over half of all breaches are caused by cyber attacks, defined by ITC as hacking, credit card skimming and phishing. And the breaches are distributed across most if not all industries, hitting education, government, health and financial organizations alike. So, this is a big problem in 2017 that is threatening to explode into a huge problem. You need to be aware that if you hold sensitive customer data, there is a very real possibility that you will be targeted.

What are your options for protecting yourself from data breaches?

In the past, organizations have focused the majority of efforts on breach detection and remediation.  In effect, they had given up on trying to prevent an attack and focused instead on cleanup.  Historically, this was more of a necessity since dedicated breach detection systems (BDS) from vendors like FireEye were the only type of solution available for detecting zero-day attacks that often are used in successful breaches.

The challenges with this approach are many:

  1. The standalone products used to detect breaches are expensive and take a sophisticated dedicated security team to manage.
  2. According to SonicWall GRID Threat Network, in 2016 over half of internet traffic was encrypted using SSL/TLS, so traditional breach detection systems can’t even see the threats coming into the organization. This is an issue because most modern malware is being created with the ability to download to unsuspecting victims using the same encryption technology.  SSL/TLS is being used to cloak or hide zero-day malware, making it very difficult for traditional breach detection solutions to be effective.
  3. Finally, most organizations just don’t have the cyber security skills to deal effectively with remediation.  It is estimated that, at the end of 2016, there was a one million person gap between the number of cyber security professionals available and the number the industry needs to effectively fight cyber crime.

What is breach prevention?

Fortunately, the security community now has more options at their disposal.  The best next-generation firewalls have integrated either on-board or cloud-based network sandboxes that are designed to detect zero-days much like the dedicated breach detection solutions available in the past.  And because a firewall sits at the Internet gateway, it is possible to block zero-day attacks before they ever make it into the network.  Here are five keys to finding the best breach prevention solution:

  1. The first requirement for breach prevention is decrypting the large component of your internet traffic that is using SSL/TLS.  Your next-generation firewall needs to be able to do this without impacting the network performance, so look for a scalable high performance solution.
  2. Look for a firewall that has high security effectiveness to ensure that the maximum number of “known” threats are detected and blocked before they get into your organization.
  3. For unknown threats, make sure the firewall can not only detect zero-day threats but automatically block them in near real-time.  This element is key to a breach prevention strategy.
  4. We recommend multiple sandbox engines running in parallel, which makes it much more difficult for an attacker to execute an evasion designed to target a specific vendor or engine type.
  5. Make sure the TCO of the solution fits within your budget, not only the upfront capital but also the resources needed to manage the solution and the ability to effectively scale capacity in the future to accommodate growth.

SonicWall at Dell EMC World 2017: Secure More. Fear Less.

SonicWall is thrilled to be a silver sponsor at Dell EMC World (May 8 – 11 in Las Vegas) in booth #1515. While we are now a separate organization from Dell, we continue our close longtime partnership.

This year’s event theme is “Realize your Digital Future.” Organizations today are looking to transform their business to drive IT innovation, enhance workforce mobility and reduce risk. However, digital transformation can increase exposure to risks that can directly impact your customer data, your reputation, and your organization’s credibility. The partnership and solutions from SonicWall and Dell EMC provide the perfect combination to stay ahead of cybercriminals in the continually evolving cyber arms race.

At Dell EMC World, SonicWall experts will show you how our solutions can empower you to prevent breaches, stop phishing attacks, block ransomware, uncover SSL encrypted threats and identify compromised IoT devices.  Visit our booth to:

  • Discover recent advances made by both cybercriminals and cybersecurity, as outlined in our 2017 Annual Threat Report.
  • Watch a demo of our award-winning multi-engine sandbox, SonicWall Capture ATP, which can scan and block unknown files until it reaches a verdict in order to prevent zero-day and advanced threats.
  • Learn how our next-gen firewalls can help you prevent breaches caused by encrypted malware. Over 60% of today’s web traffic now uses SSL encryption, which can lead to under-the-radar hacks and expose your network to breaches. Most modern firewalls claim to decrypt and scan encrypted traffic, but not all perform well in the real world.
  • Find out how to stop ransomware in your email. Ransomware attacks have grown at a tremendous rate, with email as one of the main attack vectors. See a demo of SonicWall Email Security with Capture, a next-generation solution to protect email files, stop phishing and block ransomware. Talk to our experts in the booth and learn how to block spoofed email and attacks.
  • Explore our latest Secure Mobile Access solutions, which let you define granular access policies, enforce multi-factor authentication and monitor all activities for compliance. With an ever-growing number of devices connecting mobile workers and vendors, you need to rethink IoT security. SonicWall’s access security and network segmentation delivers the right level of access to your mobile workers and reduces the threat surface.
  • Learn how to integrate Dell EMC X-Series switches with SonicWall to extend your network infrastructure securely and centrally manage switching, firewalling, and wireless. Talk to our product experts and see how this integration can help to reduce complexity, cost, and potential misconfiguration.

Our goal is to help you stay protected and ahead of today’s ever-changing cyber-attacks. Start your Dell EMC World journey at booth #1515 on Monday night, and experience first-hand how SonicWall next-gen firewalls, access security, and email security offer the power to secure more and fear less. SonicWall’s booth theatre and World Chat presentations, demos and experts at the conference will empower you and your organization to overcome numerous crimes targeting weak spots in your network.

Be sure to also tune in via Twitter #DellEMCWorld and follow @SonicWall. If you want a head start, you can get an online demonstration of our security solutions by visiting our Live Demo site.

SonicWall Cloud GMS Launches for Managed Service Providers: Protect More. Fear Less.

On May 1, 1969, Joni Mitchell released her album, Clouds. In Both Sides Now, she penned these lyrics about the enigmatic nature of clouds:

I’ve looked at clouds from both sides now
From up and down and still somehow
It’s cloud’s illusions I recall
I really don’t know clouds at all

Exactly forty-eight years later, on May 1, 2017, SonicWall proudly launches Cloud GMS, the Global Management System for its next-generation firewalls. Then as now, the cloud is enigmatic: how do you know if cloud management is right for your business? The good news is that SonicWall gives you freedom of choice by offering both cloud and on-prem versions of GMS. Keep reading and we will look at the cloud from both sides now.

First, cloud’s usage-based subscription model has financial advantages because of its zero upfront capital expense, which eliminates the barrier to entry for capital-constrained budgets.  Secondly, cloud’s pay-as-you-grow model enables businesses to scale painlessly because growth occurs by cloud-driven increases in cash flow with no outlays for more infrastructure.  Lastly, cloud equals simplicity, with no updates and fewer maintenance headaches for limited IT staff.

But cloud is not a clear-cut alternative to on-prem IT infrastructure for every business. There are many factors that should be considered. First, cloud services are often geographically dispersed, whereas data privacy restrictions such as the European Union’s General Data Protection Regulation (GDPR) require local access of data for security and compliance reasons. Second, cloud services use shared resources with other businesses and that may cause sleepless nights for some IT managers who prefer direct control of infrastructure. Lastly, cloud services are remote and susceptible to latency- or bandwidth-related issues.

The real value of technology is to make the business work in ways that maximize its growth and profitability. This means enabling the business to move in new directions to capture more customers, or to keep up with the market by out-competing the competition. Whether you choose cloud or on-prem, GMS makes your business work better by enabling resellers to transform into managed service providers or, in the case of managed service providers who don’t yet have GMS, to increase operational efficiencies. In both cases, businesses can increase their top line while improving their bottom line. We invite you to learn more about the MSP practice in A Lucrative Opportunity in Managed Security Services and Cloud GMS in Integrating Global Management of Network Security. If you are a SonicWall Partner, start a free trial of Cloud GMS now by logging in to and clicking the Try button for Cloud GMS.