2016 Security Defense in Action


Multifactor authentication, proactive vulnerability management, advanced endpoint protection (AEP)—these will be the year’s major growth areas in security strategy, as outlined in our New Year, New Security Posture: Top Defenses for 2016 post (the first of three posts looking at security trends). These types of measures are already being used in real-world settings, from healthcare to manufacturing to financial services.

Securing medical devices for patient protection

Despite the FDA’s new cybersecurity recommendations for connected medical devices, many medical devices still have manufacturer vulnerabilities. Fortunately, the risks can be mitigated, and we’re seeing healthcare IT teams step up their game in protecting corporate networks from device vulnerabilities, and vice versa.

Some are strengthening their security posture by segmenting devices into their own network, separated from the corporate network. While the IT team may not “own” the infusion pumps, it is nonetheless responsible for onboarding devices to the network and securing them—without disrupting clinical use.

For example, one leading healthcare system is building a new hospital and, at our advice, is creating a device-specific wireless network. The IT team has created a firewall to protect the enterprise network, so that neither an authorized guest network user on the premise nor a hacker from the outside can breach the device network, or vice versa.

On the manufacturing floor

Aging infrastructure is a growing problem that makes organizations vulnerable to compromise.  A Cisco analysis of 115,000 Internet-connected Cisco devices found that 92 percent were running on software with known vulnerabilities—and that’s just a sample.

Many manufacturing plants have an administrative IT system for business processes, as well as workflow systems used in the manufacturing process. Often, the corporate IT team is not necessarily in charge of the production systems, and no one is ensuring that software security updates are installed.

These unmanaged systems may be using Windows products or other software that eventually creates a network security risk if the software is not kept up to date or is not compatible with security patches.

When one of our clients faced this challenge, we helped the company create separate network for the older production systems. We also helped configure anti-virus, anti-spyware and vulnerability protection on the network firewalls using Cisco ASA with FirePOWER Services. This strategy protects the enterprise network without limiting use of the production systems.

In through the back door in a software development company

Many company networks have been compromised because of hidden vulnerabilities. One software development company discovered that a hacker had created a new local account and accessed the corporate Web server, potentially opening a back door to major corporate systems. We helped the client solve the problem before disaster ensued by quickly installing a multi-factor security system requiring user name and password, mobile app acceptance or SMS text message to allow access only to authorized users.

Growing concerns—and growing defenses

As discussed in Cisco’s comprehensive 2016 Annual Security Report, cyber-threats have become increasingly sophisticated. In Cisco’s research, 65 percent of executives say their organizations are threatened, and 41 percent are much more concerned today than they were three years ago. Attackers are building resiliency into their operations and if detected, are able to quickly reconfigure and reconstitute on new systems with new IPs in minutes, according to Cisco. Concurrently, more and better solutions are becoming available as leading providers such as Cisco continually find new ways to outsmart the cyber-attackers.

Next up: A look at more infrastructure vulnerabilities and advanced endpoint Protection (AEP) solutions in action.

Cisco sponsored the development of this security series.



March 8, 2016