Converged security and networking to securely connect any user, device, or site to any workload or application.

Versa Secure Access Fabric Versa Zero Trust Everywhere Versa Titan Versa SASE Architecture Versa AI
SASE ROI Calculator

SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.

Top Energy Firm Achieves Comprehensive “Work-From-Anywhere” with Versa SASE

A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.

 
Availability and Buying Options in the Emerging SASE Market

EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.

Gartner Magic Quadrant for WAN Edge Infrastructure

Gartner Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

Versa SASE (Secure Access Service Edge)

SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location.

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

The Versa Networks Blog

Industry Insights

Limit Impact of Data Breaches with SD-WAN Segmentation

versa-staff
By Versa Staff
Versa Networks
August 15, 2018

The 2018 Data Breach Investigations Report (DBIR) compiled by Verizon is loaded with cloak and dagger cyber events conducted by both known and unknown bad actors and mechanisms. Verizon identified 53,000-plus incidents and 2,200 breaches in only 12 months, suggesting an information parallel universe in which an uneven playing field exists whereby the bad guys and rouge bots consistently probe from the outside.

Here are some of the key findings in terms of actual breaches:

  • 73 percent were perpetrated by external forces
  • 50 percent were carried out by organized crime groups
  • 48 percent were due to hacking; 30 percent from malware
  • 76 percent were financially motivated
  • 68 percent took months or longer to discover

According to the report: “Phishing individuals (Social) and installing keyloggers (Malware) to steal credentials (Hacking) is still a common path even after sub-setting the botnet breaches from the rest of the data. Moreover, we are talking about confirmed data breaches and it is important to keep in mind that attacks that we see on the rise, such as ransomware and some financial pretexting, do not require a breach of confidentiality for the attacker to meet their goal.”

Ransomware was a major thrust of the report findings. While ransomware was the fifth most common type of malware associated with security incidents in the 2017 report, this year ransomware was in first place. Even more striking, ransomware is no longer an attack targeted to desktop computers, rather hackers are increasingly going after business-critical systems, leading to bigger ransom demands and higher revenues for criminals.

Verizon reported that the growth of the ransomware threat shouldn’t be much of a surprise because the attack requires “little risk or cost to the adversary involved,” doesn’t require monetizing stolen data and is flexible enough to be deployed across many devices or in targeted attacks.

During a heightened attack, hackers are looking to exploit legacy systems left vulnerable so that the attack can mutate and replicate the volume of messages sent to victims. Verizon cites the example of companies that expose web applications with known vulnerabilities. Another common vector that DDoS attackers take advantage of includes exploiting DNS and NTP services (i.e., hackers convert your infrastructure into their infrastructure and hijack your equipment to compromise other enterprise systems).

The speed of attacks was another startling data-point: It takes cybercriminals just minutes, or even seconds, to compromise a system – but only three percent are discovered as quickly.

“When breaches are successful, the time to compromise continues to be very short. While we cannot determine how much time is spent in intelligence gathering or other adversary preparations, the time from first action in an event chain to initial compromise of an asset is most often measured in seconds or minutes. The discovery time is likelier to be weeks or months,” Verizon wrote in the report. “The discovery time is also very dependent on the type of attack, with payment card compromises often discovered based on the fraudulent use of the stolen data (typically weeks or months) as opposed to a stolen laptop, which is discovered when the victim realizes they have been burglarized.”

While no one IT solution can address all of the challenges confronted in the report, one significant preventive measure Verizon recommends is segmenting of networks, which “reduces the impact of a compromised user device by segmenting clients from critical assets, and using strong authentication (i.e., more than a keylogger is needed to compromise) to access other security zones within your network.”

One of the most effective means of reducing the attack surface of an enterprise is the capability provided by an SD-WAN solution to segment the network by class of traffic and segmentation of duties, i.e., CEO vs CFO vs CIO. The four-square challenge that many enterprises face is that they lack full integration of security and networking services in the same edge device or image, and their perimeter networking architecture does not allow for multi-tenancy everywhere in the enterprise.

The ability to provide true multi-tenancy intra-enterprise to segment traffic and privileged communications, and segment every sub-net on the corporate network, is a significant preventive maneuver to reduce the windows of vulnerability within the global enterprise.

A good example would be how to segment guest WiFi or personal WiFi traffic from business-critical branch traffic or traffic segmented by user-employee Active Directory profiles. In this scenario, Versa can seamlessly interoperate with zScaler to send Personal WiFi traffic through secure web gateway processing.  Versa can also segment Personal WiFi data so that it is not allowed to traverse the main enterprise infrastructure (route traffic from a stated zone directly to zScaler from the branch). 

The DBIR draws its findings from an analysis of real-world data breaches investigated by Verizon and an extensive range of third-party contributors that included CERT-EU, US-CERT, Carnegie Mellon University CERT, the U.S. Secret Service, and the Irish Reporting and Information Security Service (IRISS CERT).

For a complimentary download of the report, visit:

https://www.verizonenterprise.com/verizon-insights-lab/dbir/


Topics





Recent Posts








Top Tags



Gartner Magic Quadrant for WAN Edge Infrastructure

Gartner Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.