We Need to Re-think our Approach to IT Security

Despite the dramatic increase in IT security spending over the last decade, we continue to see a similar increase in the number and the cost of IT security breaches. Consider that Gartner estimates that IT security spending will soar from $75 billion-plus in 2015 to $101 billion in 2018. And similar research firm Markets and Markets sees the cybersecurity market hitting $170 billion by 2020.

We have all read about the high profile breaches at Sony, Target and the U.S. Office of Personnel Management, yet few of us realize there are an order of magnitude more breeches that hit less known and smaller companies every day. Forty-two percent of SMBs said they experienced a cyberattack within the past year according to the Ponemon Institute study. And the average cost of a breach according to a study by the same firm is $3.8 million. This represents a 23 percent increase since 2013.

What this means is that despite all the money and effort we have put into improving IT Security, something is not working. Or at least not as well as we all would like.

The obvious reaction to these trends is to remain cautious, to be on alert, to hold back on granting access to internal applications and data that might add the risk of another breach. Curtis Hutcheson, VP and GM of SonicWall Security Solutions discussed the need for a new approach to IT security in his recent blog.

Who, of course, would not react this way? Who could honestly say they aren’t afraid of an attack that would result in lost customers, lost revenue and lost jobs?

But holding back out of fear is not the right answer. Markets are competitive. There is always another company, organization, agency that is ready to take our customers, students, and stakeholders should we slip or fall behind.

Enabling employees, students, and administrators with access to the latest tools and applications is critical to remaining competitive, to innovating, to winning. Saying “No” might make us feel safer in the short run, but it is likely to cause larger systemic issues that make us irrelevant in today’s fast paced world.

At SonicWall Security we believe there is a way to say “Yes.” We believe IT security executives can:

  • Say “Yes” to initiatives that enable innovation and create competitive advantage


  • Say “Yes” and dramatically improve security to keep corporate and organization assets safe from external threats.

We believe it’s time for IT Security leaders to re-think their approach to IT Security, to be bold and open up their own Department of Yes.

And we can help. Our context-aware security solutions share information which allows It Security departments to Govern Every Identity and Inspect Every Packet on the network. These solutions, working together and not in silos, deliver better overall security with less complexity and at lower total cost.Patrick Sweeny recently discussed how we can help you can open your own Department of Yes.

We are committed to helping our customers deliver better overall security and driving innovation and competitive advantage. That is why we have launched a global campaign to help educate customers on how we can help them open their own Department of Yes. We are partnering with a number of large major media partners including RedmondMag, IDG, CSO, NetworkWorld, CNN and CNBC to help drive our message and educate IT Security executives.

Here are examples of the new campaign

Sound Interesting? Learn more by visiting us a

Combat the Staggering Rise of Zero-Day Threats

With the devastating rise of targeted, evasive, zero-day threats hitting IT infrastructures, computers, individuals and their devices, it is critical to have a multi-layer and revolutionary security solution. Today, at RSA Conference 2016, Feb. 29-Mar. 4 in San Francisco, we have launched the  SonicWall Capture Advanced Threat Protection (ATP) Service, our multi-engine or triple layer approach, which advances sandboxing beyond detection to deliver end-to-end prevention.

For SonicWall’s next-generation firewalls, we offer a multi-engine advance persistent threat analysis sandboxing service that has broad OS and file type analysis. Once a threat is identified, it not only detects but blocks it from entering the network. Come by SonicWall booth 1007 in the South Hall, where we will showcase this extraordinary SonicWall Capture sandboxing service with our worldwide customers and partners.

The RSA conference is the premier security event for thousands of experts gathering to gain greater in-depth knowledge of cyber criminal techniques and plans of attack to stop these catastrophic threats. Such threats are evolving quickly to disguise themselves, as we recently learned in the 2016 SonicWall Security Annual Threat Report. For this threat report, SonicWall leveraged its Global Response Intelligence Defense (GRID) network and telemetry data, gathered from SonicWall sensors. We continue to provide secure environments for our customers, stopping 2.17 trillion IPS attacks and blocking 8.19 billion malware attacks, up from 4.2 billion attacks last year.  Virtual sandboxes and other advanced threat detection techniques have been developed by security professionals to more effectively analyze the behavior of suspicious files and uncover hidden malware.

Detecting zero-day threats is critical, but it is not enough; technology is required that not only inspects traffic for suspicious code but also gives IT control to block suspicious code from entering the network until after it’s analyzed.  This protects the network from infection, eliminating time-consuming remedial tasks necessary to remediate damage. Additionally, follow-on attacks can be prevented with quickly generated IP signatures blocking newly discovered malware from automatically being distributed across network security devices.

This superior  SonicWall Capture Advanced Threat Protection (ATP) Service is a cloud-based service for SonicWall next-generation firewalls and Unified Threat Management Firewalls (UTM) that detects and blocks until the verdict is determined. SonicWall Capture is the only advanced threat protection offering that starts at the gateway, and includes multi-layer sandbox technologies that use system emulation, virtualization, and memory analysis techniques that not only detects but can block based on verdict before it infects the defended network. Our customers and partners benefit from high-security effectiveness, fast response times, and reduced total cost of ownership. This system is available in beta.

If you come to the booth, you will not only get to experience this ground breaking technology, but you will also talk to SonicWall experts and see live demonstrations of the SonicWall Firewall Sandwich, SonicWall Safeguard Privileged Management and other SonicWall One Identity Solutions, SonicWall Secure Mobile Access solutions, SonicWall Email Security Encryption in booth 1007. For our commercial PCs, SonicWall Data Protection and Encryption and Data Security will also be showcased.

Finally, join me and my SonicWall Security and SonicWall SecureWorks colleagues for these inspiring speaking sessions:

  • March 2 at 10:20 – Threat Actor Pivoting and the Underground Market for your Data.
  • March 4 at 11:30 – Are you worthy? Laws of Privileged Account Management.

Join the conversation on Twitter @SonicWall and follow the #SonicWallGovernProtect this week at RSA.