Salman Carim, Director, NEMEA Networking & Security Sales, VMware
This year, we’ve seen cyber innovation on steroids. And while that means more sophisticated, AI-enabled security systems that can detect growing threats better, it also means cyber criminals are advancing in such attacks quicker than before. Bad actors constantly find new ways to infiltrate company infrastructure, leaving enterprises on the back foot when it comes to protecting their core assets and IP.
These advancements are no more apparent than in ransomware – a particularly pernicious form of malware that infiltrates computer systems and silently encrypts them, making it impossible to access their content until a ransom is paid. But when average ransomware payments have nearly doubled to $1.5m in a year, according to Sophos, and two-thirds (66%) of organizations have been hit by ransomware in the last 12 months, enterprises need to shift their mindset to building infrastructure that’s intrinsically resilient to cyber-attacks.
There are four essential components to developing this mindset, which we’ll explore below:
- Design: In the evolving cyber threat landscape, security should never be considered as an afterthought. It needs to be absolutely core and intrinsic to the infrastructure itself. And that starts with its design.
- Protect: Internal firewalling might be a fundamental first step for many organizations, but there is so much more that can be done beyond this to understand what’s happened when a cyber-attack strikes:
- Network detection and response: AI and ML are starting to give enterprises significant ways to defend against ransomware before it gets into IT systems in the first place. This is done through behavioral analysis, whereby suspicious activity or flows of data can be detected and flagged rapidly before they become a threat.
- Network traffic analysis: With VMware NSX, enterprises have visibility down to the bits and bytes traversing their network. Crucially, this isn’t just visibility into ingress and egress traffic, but also, east-west traffic within the network itself. This can be controlled within and between applications using micro-segmentation, meaning that once a threat gets into the system, east-west propagation can be prevented.
- Monitor: Businesses must be able to understand the way traffic flows in their environment. They can do this through software that looks at the way things are communicating to recognize different types of attacks.
- Recovery: Of course, attackers will aways find ways to take advantage of things that can’t be controlled, and so backups and snapshots of data are an essential component to recovering infrastructure in order to avoid paying a ransom and getting the business back up and running. Through behavioral analysis, VMware Ransomware Recovery enables safe recovery from modern ransomware attacks. With guided workflow automation, customers can quickly identify recovery point candidates, validate restore points, and prevent reinfection with networking isolation capabilities.
Have you signed up for VMware Explore Barcelona yet?
VMware Explore Barcelona is nearly upon us (6-9 November 2023), and our highly anticipated event is a great chance to come and learn how we’re helping enterprises move to an intrinsic security model and build resilient infrastructure in response to malicious threat actors. Register today to join thousands of industry peers at the Fira Gran Via and sign up for the following must-attend sessions:
Discover how to implement network connectivity and granular security for applications with NSX automation, using various tools and platforms – such as VMware NSX APIs, VMware PowerCLI, Ansible, Terraform, and VMware Aria Automation.
In part one of this session, learn from Acme Fitness Corporation, one organization that suffered a cyber-attack but used that breach as a catalyst to redesign a new, more secure multi-cloud infrastructure. In this session, we’ll look at the breach itself, as well as the subsequent objectives that were defined to help Acme Fitness Corporation move to a more modern data center.
In part two of this session, discover how to deploy VMware NSX+ in conjunction with VMware Aria Operations for Logs, and Splunk to build a robust security operations flow. Ant Ducker and Ionut Pirva will discuss how a security orchestration, automation and response (SOAR) platform can help to mitigate live attacks, by identifying threats that are moving laterally within the data center and how to build playbook responses to minimize the impact of targeted attacks on the business.
Don’t miss out on this opportunity to learn more about how with VMware, modern enterprises are protecting their networking infrastructure both for today and tomorrow. Register today to secure your ticket at VMware Explore Barcelona!