Page 23 - Cyber Warnings

vendors such as Cisco that legitimized the teaser release as their products were
targeted in two of the distributed exploits, EPICBANANA and EXTRABACON.

With the recent US election behind us, and evidence suggesting that Russian-sponsored
attacks on both the DNC and RNC systems occurred, it looks as though things are
heating up when it comes to world powers using the Cyber domain as a method to
influence, push agendas, or seek specific results.

Mitch McConnell recently said in a statement regarding these attacks, “…we need to
integrate our Cyber capabilities into our overall warfighting doctrine…” There should be
no expectation this will change as we move into 2017. What can we do about it? Well, I
am putting some popcorn in the microwave and intend to sit back and watch the show. I
hear this next season is going to be great!


IV. Agent consolidation will help ease vendor fatigue. Enterprises will seek disruptive
technology and other "full stack" security solutions for endpoint systems that will allow them
to reduce the number of security agents actively running on their machines.

Listening to my colleagues in the field, I often hear about how numerous agents are
burdening their endpoints. Each of them adds another layer of protection that was
deemed necessary to the business.

However, with each extra layer of protection, and agent, comes a new vendor, a new
patching cycle, a new management console, and a lack of interoperability. It's like
forcing your endpoints, and those managing them, to be in a polyamorous relationship
with multiple egocentric narcissists each proclaiming that they are the best partner for
you.

Relationship fatigue is real, and so is vendor fatigue. My endpoint agent rule of thumb
is, “The number of agents should not be greater than the number of people I would want
to date at the same time (usually less than four whenever possible).”

Decision makers are looking for new technologies that are disruptive, contain many
features in a single package, and will enable them to reduce hands-on management
overhead while still maintaining acceptable levels of confidentiality, integrity, and
availability of systems in their environments.

Why deal with five vendors when you can deal with three? As a result, endpoint-focused
security technologies are expanding their capabilities and offering more robust full-stack
integrations.

I touched on this concept up above. The “traditional” way of doing things is being phased
out. Agent-based protection, while useful, has reached its limits. As competitors in the
23 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
