Being a victim of a data breach is one of the worst nightmares for a large enterprise. Not just in terms of bad press and potential fines, but maybe more significantly in terms of disruption to services, loss of income and the cost of downtime. Unfortunately, with firewalls struggling to keep up with inspecting the increasing proportion of encrypted data on high-capacity networks, this nightmare is turning into a reality.
In the first half of 2019 alone there were breaches at Singapore’s Ministry of Health (MOH) (14,200 HIV sufferers), Georgia Tech (1.3 million individuals), Toyota (3.1 million customers and employees), Office of the Australian Information Commissioner (OAIC) (10 million individuals), and First American (885 million customer records). And, this is only a handful of examples.
Increasing cyberattacks on valuable data
Large enterprises – whether in the financial, healthcare or government sectors – face an ever-expanding threat surface when it comes to cybersecurity. A recent cybersecurity report, published by security firm Carbon Black, revealed 67 % of financial institutions were hit by an increasing rate of attempted cyberattacks and hacks, and 79 % of CISOs from the world’s largest financial institutions said the hackers were becoming more and more sophisticated. With the sizeable assets and personal data they handle, financial institutions are an irresistible target for cybercriminals.
The same is true of the healthcare industry. With a single patient’s records being worth hundreds, or even thousands of dollars, ransomware-as-a-service is on the rise. Last year, a threat report from security firm Cylance claimed that ransomware attacks grew three times over the previous year, with healthcare organizations being the most common sources of attack. Verizon confirmed the findings, revealing that out of 750 cyber incidents in the healthcare industry, 536 involved data disclosure. The number of security incidents affecting government systems is also increasing exponentially, creating the dangerous potential for unauthorized access to citizen data and disruption to critical operations.
A complicated threat landscape
Cybersecurity for large enterprises is made challenging by the number of interconnected locations, devices, and remote workers. Multi-cloud technology further complicates the threat landscape. Enterprises in many industries have to balance the demands of regulatory compliance with customer expectations, all the while mitigating risk and liability. Enterprises must be vigilant about inspecting all traffic, but when at least 72% of traffic is encrypted and over 50% of cyberattacks target that encrypted traffic, this becomes almost impossible with our current approach to network security.
The benefits of horizontal scaling
It’s clear all enterprises need 100% inspection for 100% of our traffic, 100% of the time, without degrading network performance. But, how do we achieve that? The answer is to scale horizontally rather than vertically into virtual security services such as firewall and SSL visibility capabilities – just like you do for web apps. When traffic inspection is abstracted away from the network, using software-defined network security techniques you are able to scale traffic inspection to 100%. For high capacity links, a network security virtualization platform, like Corsa announced last week, is the only feasible approach, since full traffic inspection can only be done with a greater number of processors sharing the load, rather than with a bigger, specialized appliance.
This platform allows large enterprises to elastically add network security capacity to meet increasing bandwidth demand, thereby eliminating costly hardware refresh cycles. You have a vendor-agnostic platform which is simple to deploy, so enterprises continue to use their preferred security vendors, while behind the scenes the virtual appliances are running on state-of-the-art hyperconverged infrastructure, specifically optimized for scaling network security. Acting as a bump-in-the-wire, this kind of platform operates seamlessly within the customer’s existing security stacks so there is no need to rearchitect the network, meaning zero down-time for upgrades.
Cybercriminals are adopting sophisticated techniques but network security isn’t keeping up. Enterprises need a reliable solution to protect sensitive data, maintain essential services and meet regulatory demands. And that solution has to be agile enough to grow with the organization. That’s why Corsa is leading the way to transform network security.