Jan/Feb 19 - ChannelVision Magazine

Meta Networks advocates using software defined perimeters (SDPs) over perimeter-based VPNs. For companies with unmanaged per- sonal devices, and for contractors, partners and customers, a browser- based solution such as Meta NaaS that requires no client or agent installation is recommended. With Meta NaaS, end users also can be freed from the need for repeated, multiple VPN connections when they want to access apps located in dif- ferent locations. While ransomware may seem like old news at this point, it’s still a major risk facing businesses of all sizes and something that partners should be able to address with their security portfolios. What cybersecurity threats will be the biggest threat the channel will experience in 2019? Ransomware 80% Data breaches 55% Phishing 52% Security exploits 51% BYOD 22% Cryptojacking 17% Rogue insiders 17 DDoS 8% Source: Untangle “2019 will see a greater number of targeted manual ransomware attacks, in addition to ongoing automated at- tacks, with backup data included as a primary target in these attacks,” explained Asigra executive vice presi- dent Eran Farajun. “With the manual/ targeted attacks, hacker behavior is customized to the victim’s environ- ment, making it more difficult to detect. It can be done reactively to the victim’s defensive measures put in place by the target, often a business. “Channel partners can counter these new attacks with backup soft- ware that provides a multi-layered (defense-in-depth) capability that pro- vides zero-day attack-loop prevention and exploit protection, bi-directional malware detection, variable repository naming, two-factor biometric authenti- cation, and more,” Farajun continued. Eyes on the Cloud Nearly six in 10 channel partners agree or strongly agree that moving network traffic and data to the cloud will improve security. However, price (35 percent), lack of trust (31 percent) and lack of knowledge (27 percent) are top barriers facing the channel. “Cloud migration success hinges on the partner clearly explaining what security tools are provided by the cloud provider and how to consume them, in addition to those third-party tools that the partner can assist with deployment,” explained Anupam Sahai, vice presi- dent of product management at Cavirin. “It is the partner’s role to integrate the two in a way that meets the client’s cloud security goals. This combination offers the client a unified view of their cyber posture, keeping with the spirit of the cloud shared-responsibility model.” What barriers do you think the channel experiences in the cybersecurity market? Budget constraints 62% Limited solutions knowledge 56% Pricing/Margin issues 42% Lack of manpower to monitor and manage security 38% Limited time to research new threats 38% Rogue employees 37% Discoverability of solutions 13% Channel inefficiencies/logistical issues 13% Source: Untangle “Cloud adoption brings with it a fun- damental increase in business agility, flexibility and scale,” added Rishi Bhar- gava, co-founder at Demisto. “How- ever, these benefits can only truly be realized if they’re matched with corre- sponding security agility. The fact that ‘lack of trust’ and ‘lack of knowledge’ are cited as barriers to cloud adoption makes sense.” Bhargava pointed out two common factors that contribute to these barriers. One is a lack of scalable identity ac- cess management in the cloud. Cloud processes, Bhargava explained, involve products talking to other products, which are usually driven by the storage and transfer of user credentials, leading to needlessly exposed assets. Another barrier is a lack of visibility from the rapid nature of cloud provi- sioning. “If security and IT teams aren’t aware of what virtual machines exist in their environment, they certainly can’t monitor or protect them,” Bhargava said. “Cloud adoption has increased the computing surface but also obfus- cated the threat surface.” Bhargava offered some tips to en- sure a successful and secure cloud adoption. “Include tools in your stack that are fairly general-purpose and help unify processes across disparate infrastruc- tures,” he said. “In the midst of cloud adoption (and even after completing your cloud journey), it’s vital that your cloud and on-premises environments are on the same page. “Also, find a way to execute keyless or ‘zero-trust’ access management, preferably through role access,” con- tinued Bhargava. “If products can talk to other products and execute actions without the need for credential man- agement and transfer, processes can scale without affecting security.” o Cyber Patrol A few other emerging security items for 2019 include: WPA3-enabled routers: As we explain in greater deal in Wi-Fi’s Next Step (see page 22), the Wi-Fi alliance recently released a new security standard, WPA3. Manufacturers are now integrating WPA3 security into new routers, and adoption is expected to increase in 2019. Artificial intelligence (AI): Demand for artificial intelligence (AI) and machine learning is skyrocketing, and cybersecurity is one of the top use cases for both. Cybersecurity companies are integrating AI into their services to help detect anomalies and network intrusions, and data centers are using it to secure cloud instances. 34 Channel Vision | January - February, 2019