RecordTrend.com is a website that focuses on future technologies, markets and user trends. We are responsible for collecting the latest research data, authority data, industry research and analysis reports. We are committed to becoming a data and report sharing platform for professionals and decision makers. We look forward to working with you to record the development trends of today’s economy, technology, industrial chain and business model.Welcome to follow, comment and bookmark us, and hope to share the future with you, and look forward to your success with our help.
The following is the Do you think you are ready for the next solarwinds attack? In fact that was not the case. recommended by recordtrend.com. And this article belongs to the classification: network security, Industry information.
By Nicholas Arora, CEO and chairman of Palo Alto networks
Learn from this attack and prepare the infrastructure for the next threat
Since the attack on solarwinds supply chain on December 13, the already stretched security team has been busy again, fighting against the clock to ensure the security of the enterprise.
When the whole world is paying attention to the list of more and more invaded enterprises, many people think they are OK. They believe that if they are not running solarwinds, or a specific version of solarwinds, they can get back to normal. I saw a security researcher publish a picture of whiskey glasses with ice and cigars, suggesting that other security personnel take a break because he was worried that it might be a long winter.
Such pictures are misleading. In fact, network related activities will only go up, not down. If we all think that network security is very important before, it will be even more important in 2020. Many physical stores are closed, and employees work from home through the Internet – the whole business has just been digitized.
In this context, solarwinds exposes the weaknesses of enterprise infrastructure. I don’t know how many people are trying to figure out where they are running related products, and how many and which products are affected. It shouldn’t take so long next time.
What I’m saying is not for those companies that are confirmed to have been invaded – it’s for those companies that are celebrating their escape from this attack. This is a wake-up call for the modernization of network security. Enterprises need to pay attention to some related areas, and actively prepare.
It is very important for enterprises to master their own environment through a set of complete, accurate and timely updated benchmark information. This means more than just checking if they are running solarwinds. Too many companies don’t know what they have, and they don’t have all the latest versions (ironically, tens of thousands of solarwinds customers escaped because they didn’t download the infected updates in time). No one is willing to spend days responding to critical events just to figure out the inventory. The enterprise needs to complete the detailed analysis of its whole system, infrastructure, software, supply chain and external attack surface immediately. Agile enterprises can not only detect and prevent these attacks in the future, but also combine this set of benchmark information to conduct forensic investigation quickly.
Seriously repair our infrastructure. Enterprise IT architecture needs to make all logs, network and security data communicate with each other, and software should be intelligent enough to identify the useful content in these data. If the product had been more integrated, the event would have ended earlier. Enterprises need to turn to a network security platform that can detect and correlate millions of events in host, network, firewall and cloud in real time, and then implement comprehensive detection and response. Hackers use highly efficient tools and methods, and enterprises also need to use efficient network security platform driven by machine learning to be equal to them.
The government encourages innovation. Government departments need to be more flexible in removing barriers and faster in protecting their institutions from complex threats.
All the right things to do in 2020 are related to technology, which proves once again the importance of technology. When the new covid-19 epidemic is coming, remote access will keep the business and government departments running normally. And retailers take online service as an important means of survival. However, it also means that we need to protect an expanding border against increasingly complex attacks.
Group attacks, which we call solarstorm, have become another turning point in network security. Before that, there were massive DDoS attacks and cyber theft that affected our financial services infrastructure; wiper attacks that paralyzed enterprises and energy production; theft of government secrets; and notpet, which caused the closure of ports, pharmaceutical factories and manufacturing industries and caused billions of dollars in losses to enterprises And so on.
It’s impossible to defend 100% of the time. At some point, customers need to trust the vendor and the security updates they provide. But in the face of the bad guys who always try to surpass us, security must be more proactive and future oriented. If the attack cannot be stopped in real time, it needs quasi real-time detection and investigation. The era of fragmented security patches and long investigation cycle is over. We need high-quality data and practical artificial intelligence technology to keep ahead.
Take a breath of relief that you’re not affected? Now is not the time. Experienced hackers have spent years planning attacks – and we have to invest resources in defense. Let’s always be prepared to defend against the inevitable unknown threats now and in the future, so that we don’t have to rush to investigate what happened afterwards.
About Palo Alto networks
As a global network security leader, Palo Alto networks is using its advanced technology to reshape the future society with cloud as the center, changing the way of human and organizational operation. Our mission is to become the preferred network security partner and protect people’s digital lifestyle. With our continuous innovation and breakthrough in artificial intelligence, analysis, automation and choreography, we help our customers cope with the most serious security challenges in the world. By delivering integrated platforms and promoting the continuous growth of partner ecosystems, we are always at the forefront of security, escorting tens of thousands of organizations in cloud, network and mobile devices. Our vision is to build an increasingly secure world. For more information, please visit Palo Alto networks website www.paloaltonetworks.com Or Chinese website www.paloaltonetworks.cn .
More read: solarwinds: 2 / 3 of US companies have used cloud computing in their business. Spiceworks: 239 network security start-ups attracted more than US $1.4 billion in venture capital in 2013. Glassdoor: Top 25 of US technology industry salary list in 2017. Glassdoor: Palo Alto, the highest paid position list in 2019 Networks:Twitter How does technology destroy employment? Cloud service provider softlayer: acquired by IBM for about US $2 billion global webindex: as of November 2014, the number of wechat users in the United States exceeded 3 million unit 24: 2020 Internet of things threat report CB insights: in 2017, 17 network security start-ups have been acquired Barron weekly: hackers have hacked US $250 billion a year to counter cyber attack market F5 Network: half of users in Asia Pacific region think that security is very important to application experience Verizon: data leakage investigation report in 2018 CB insights: a total of 140 investments in Q1 network security in 2017 time: the world’s top 25 inventions in 2014
If you want to get the full report, you can contact us by leaving us the comment. If you think the information here might be helpful to others, please actively share it. If you want others to see your attitude towards this report, please actively comment and discuss it. Please stay tuned to us, we will keep updating as much as possible to record future development trends.