Better Threat Intelligence and Information Sharing Among Global Retailers

The increasing volume and sophistication of cyber threats means all organizations must evolve their security posture. This is especially important in retail: a business environment in which undetected cyber attacks can negatively affect customer loyalty and hurt brand reputation among consumers.

Helping retailers realize the benefits of next-generation security — and prevent breaches — is one reason Palo Alto Networks has joined the Retail Cyber Intelligence Sharing Center (R-CISC) through its Associate Member Program. The Associate Member Program allows the R-CISC’s retailer and commercial services member organizations to collaborate and share threat intelligence and critical cybersecurity information in real time with the industry’s leading security solutions providers.

Our participation in R-CISC means that R-CISC members will receive access to Palo Alto Networks threat intelligence, including information on advanced attacks, campaigns and adversaries from the AutoFocus and WildFire services, and the Unit 42 research and analysis team.

For more

[Palo Alto Networks Blog]

Palo Alto Networks Academy: A Degree with Class

Have you benefited from the Palo Alto Networks Academy?

If so, you’re not alone. Palo Alto Networks currently has over 60 colleges, universities, and technical institutions worldwide that are delivering curricula to thousands of students based on Palo Alto Networks technologies and innovations.

The Palo Alto Networks Academy is designed to equip students with the required knowledge of next-generation cybersecurity to successfully navigate today’s rapidly changing cyber threat landscape.

We can help you identify and develop the skills needed to enable tomorrow’s security professionals to sufficiently protect their networks and data. We work with educators, employers, and technology experts to create courses that prepare students for the future.

Palo Alto Networks Academy works with colleges and instructors to prepare students for exciting careers in cloud, network and infrastructure security, one of the fastest-growing segments in technology.

Did you know that cybersecurity is fifth on the list of top issues for Homeland Security?

In fact, the Department of Homeland Security states, “Cyber security has emerged as an issue of vital national security. Governments, businesses, and individuals are under attack from other governments, cyber criminals, and ‘hacktivists.’ These attacks steal hundreds of billions of dollars in personal and business data and compromise sensitive government operations.”

Hardly a day goes by when we don’t hear of another high-profile breach. One thing these breaches all have in common is a stateful inspection firewall. Palo Alto Networks-based curricula demonstrate a more modern, next-generation approach to securing your network. Our technology is based on application traffic signatures (App-ID) and not antiquated stateful inspection techniques, which are leaving organizations vulnerable.

Would your campus like to offer the Palo Alto Networks security curriculum? 

If so, consider forwarding the brochure below to your faculty so they can look into becoming our Academy partner.

Our courseware covers the essentials of configuring, installing and managing our firewalls.

We also have a textbook called the Cybersecurity Survival Guide, which covers the cybersecurity landscape and threats, best practices, and solutions from Palo Alto Networks.

Additional benefits from Palo Alto Networks include free Virtual Machines (VMs) with licenses, standard subscriptions for classroom use, and expert advice from our educators on building labs and custom courses.

Visit the Palo Alto Networks Academy website for more information:
http://www.paloaltonetworks.com/academy

Please let us know if you have any comments or questions.

You can contact me anytime via Twitter at @CicconeScott, or you can email Shoba Trivadi directly at strivadi@paloaltonetworks.com.

[Palo Alto Networks Blog]

Cybersecurity Akin to Being in a War Zone—You Have to Be “Left of Boom” to Survive

Being a chief information security officer (CISO) is not unlike being in a war zone. Professionally and politically, your survival is dependent upon being “left of boom”—to borrow a term from the US Pentagon when dealing with Improvised Explosive Devices (IEDs). In other words, constructing your defensive measures to be in place to prevent “boom” from occurring is the most prudent course of action. About 10 to 12 years ago, as a CISO in the US federal government, the job was to protect and defend because at that time we were most concerned with the basic security hygiene of the enterprise and viruses in the wild, so we tried to do basic preventive maintenance. We were not yet facing sophisticated, targeted attacks. We were trying to keep our configurations up to date, and then we thought we would be okay. CISOs’ perspectives have evolved because of the advanced persistent threat (APT) becoming a larger problem in the past few years. We have gone from protect and defend, to early detection and rapid incident response with immediate recovery so that businesses can continue to operate in a compromised environment. Essentially, we have gone from risk management to risk tolerance.

Threat Intelligence and Analytics
The enterprise now must have an active capability to gather and analyze threat intelligence to learn which of the threats and threat actors are looking at and targeting the enterprise. This requires a thorough understanding of your business lines and the types of business processes your enterprise is involved in so as to better understand who is targeting your business and how they are conducting their operations. If you know what type of threats there are, you can determine what type of technology to put in place, such as behavior-based rather than signature-based technology.

Today, more than ever, CISOs and their staff have to be agile enough to get ahead of the problem as opposed to letting the problem—or the “boom”—happen and cleaning up afterwards. The “right of boom” approach is quite costly and ends up consuming most of a security program’s resources. “Right of boom” enterprises include all of those who have made headlines because of their publicized breaches over the past couple of years.

Looking forward, there are encouraging developments in big data analytics, where helpful proactive information can be derived from the terabytes of information from companies’ deployed security devices. In the past, security staffs did not have the tools to analyze this data in a cost-effective fashion, so often, the data was lost due to storage limitations. Today, with advanced analytics, a company can take that information and develop pattern and behavior analysis to see if something is actually getting into the enterprise, or worse, data is being exfiltrated. Additionally, there are cloud and mobile security operating realities that may have the effect of weakening security over the next 5-10 years because adversaries’ targeted capabilities are getting stronger. Keeping up with these developments is a constant challenge for CISOs.

Legislation Shortcomings
Legislatively, the US Congress has not approached the cyber security problem from a holistic, enterprise-wide perspective. Rather, US legislation has been focused on compliance with requirements of questionable security relevance. Most legislative efforts have not emphasized the rapid and continuous changes of the IT environment that are necessary in meeting the challenges of securing today’s enterprises. Legislation is generally about putting controls in place and making sure they are implemented effectively and doing risk management—which did not work well in the past and is even more misguided in the present. In today’s environment, an organization needs to be more proactive, rapidly changing to meet the attacks with rapid responses that are difficult to legislate. The US bill, Federal Information Security Modernization Act of 2014, which is more attuned to continuous monitoring of technical controls, may be a step in the right direction, but legislative solutions generally tend to stifle the ability of enterprises to meet the security challenges with swiftness and agility.

Mentoring Needed
The critical skills gap in cyber security staff requirements is growing, but enterprises are having a difficult time meeting the demand. Companies seem to want a cybersecurity staff with the wisdom of experienced executives, but at the pay scale of college graduates. The problem that the Fortune 1000 has yet to solve is that the experienced substantive expert understands how to apply security across an enterprise, while the recent college graduate may only know how to put controls in place.

Professional certifications are also important, but are becoming more and more targeted at specific roles. For example, incident responders, forensics staff or governance and compliance professionals should have the relevant certification that attests to their knowledge of that particular skill set. But the big concern is—as businesses cut costs and move the experienced staff into retirement—who will mentor the next generation on how to effectively manage risk across large heterogeneous enterprises?

Bruce A. Brody
Chief Information Security Officer, Cubic Global Defense
Chief Cyber Security Strategist, Cubic

[ISACA]

Better Network Security for Distributed Enterprises

As recent breaches have shown, attackers are quick to take advantage of the vulnerabilities that distributed environments introduce. Security teams need to be fast in updating both the effectiveness and efficiency of their security architecture and controls to prevent breaches.

Globally distributed business operations face a number of security risks, including:

  • Access rules that differ among business units and vary by geography within a business unit, resulting in such a large number of security rules that they are nearly impossible to keep up to date
  • Network topologies and addressing schemes that not only vary across entities, but can also change rapidly as local technology migration decisions are made
  • Access control policies based on traditional port/protocol approaches, resulting in complex and unmanageable firewall rulesets that often provide little more than a false sense of security
  • Lack of technology consistency, even when a solution is purchased from a single vendor
  • Inconsistencies in log and reporting data, making it difficult to see patterns of attack or indications of a breach in progress

Are you doing all you can to protect your environment? Get your copy of the SANS Institute’s recent whitepaper, “Conquering Network Security Challenges in Distributed Enterprises” to learn more about achieving faster detection, increased prevention and continuous monitoring of threats, all without affecting business productivity.

[Palo Alto Networks Blog]

Customer Spotlight: How Columbia Sportswear Scales the Security Landscape

Columbia Sportswear has roughly 200 offices and retail stores globally, and supports approximately 5,000 users 24/7, so it requires a solution that is solid, supportable and easy to work with. That is why Columbia Sportswear chose to partner with Palo Alto Networks and VMware to secure its virtualized data center and use the Palo Alto Networks/VMware NSX integration.

Watch the video below to learn more about why Columbia Sportswear is partnering with Palo Alto Networks and VMware to improve processes, add agility to serve its customers even better, and secure data and transactions.

[Palo Alto Networks Blog]
