The Latest Cisco News
Product and Solution Information, Press Releases, Announcements
Ransomware in Education: How to use your Network to Stay Ahead of Attacks | |
Posted: Mon Dec 23, 2019 09:50:01 AM | |
Guest Author: John Sellers, Stealthwatch for Public Sector at Cisco. Educational institution systems store a large amount of sensitive data, including student and employee records. They rely heavily on these systems for day-to-day operations. So any disruption or loss of access can be a game changer. But these same institutions also often have tight budgets and can’t afford to employ large security teams. That’s one reason they’re perceived as easy and lucrative targets by online adversaries. A typical response may be to deploy multiple security technologies to block threats from entering your organization at various attack vectors, and you should continue to do so. However, just relying on these techniques isn’t enough since 100% prevention is not possible in today’s complex threat landscape. That’s where continuous monitoring of your network’s behavior comes in. By using this approach, you can help detect and respond to a ransomware attack more quickly and effectively. How to stay ahead of cyber threats Your network is a source-of-truth of every activity – normal or malicious. Adversaries must use your network in order to carry out their malicious objectives. Because of this, collecting and analyzing your network telemetry is an effective way of detecting advanced threats, like ransomware. Here’s how it helps you.
Industry-leading network visibility and security analytics The capabilities described above are offered by Cisco’s network traffic analysis solution, called Cisco Stealthwatch. It provides enterprise-wide visibility, from the private network to the public cloud, and applies advanced security analytics to detect and respond to threats in real-time. By using a combination of behavioral modeling, machine learning, and global threat intelligence, Stealthwatch can quickly (and with high confidence) detect threats such as:
With a single, agentless solution, you get comprehensive threat monitoring across your data center, branch, endpoint, and cloud. Plus, it can also analyze encrypted traffic for threats, without any decryption, using our proprietary Encrypted Traffic Analytics technology. Stealthwatch can detect ransomware hiding in encrypted traffic, and can also correlate it to global campaigns like WannaCry. By deploying Stealthwatch, you can turn your network into a “threat sensor” by simply collecting telemetry such as NetFlow. And there is no need to deploy multiple agents. Stealthwatch can be deployed easily. Best of all, it scales automatically with your infrastructure, growing as your needs grow. |