The bandwidth requirements previously weren't at high levels. So proxy based devices worked adequately to the speeds of 600 to 700 Mbps. Also the customers probably bought the biggest and most expensive box (from competition) to avoid slowing of networks when speeds escalated in future.
The other big disadvantage with proxies is the limited number of sessions they can cope up with. Transparent bridge by ContentKeeper has no limitation on simultaneous sessions at extremely high speeds around 4 to 6 Gbps from IU device whereas other vendors struggle with a room full of computers for the same job.
CISOs have to assume the security risks at all levels from outside and inside the company, from staff, from employees, from hackers who have managed to get through first layer of defense to the next layer. They can infiltrate the organization this year and maybe steal the data for over three years while sitting in the network.
Has the way enterprises buy security solutions changed over the years?
CISOs are lot more worried about the driving factors of malware defense and mobility as there is more malware out there. Like CryptoLocker in recent past which wrecks the entire network and then it takes lot of money to avert this ransomware. Everyone was absolutely paranoid for good reason even before the malware entered their network.
It is lot cheaper for CISOs and companies to install good defenses for malware than just hope and think that breach will not happen to them. Because it will.
Probably, CryptoLocker attacks on personal and official mail ids are rampant with senior executives receiving 6 to 8 per week. It needs one employee to click a wrong file to spread the ransomware across the network and lock all the files. The company within minutes goes from 100 percent operational to being zero operational, unless you pay the hackers.
Any best practices for CISOs for a more robust web security?
Firewall is obviously the first line of defense. Then a Web filtering system preferably with some malware defense built into it. And the final line of defense is desktop AV.
Today's malware engines are reactive defenses which are signature based systems. They detect a piece of malware like traditional AV. But due to emergence of newer threats, a new copy of the threat with different signatures is created. Every user gets different versions of the same piece of malware and hence signature checking systems aren't good anymore. That's why advanced malware protection like behavior analysis systems and sandboxing systems are needed to catch zero day top threats before they end up in your lap.
ContentKeeper fortunately is in a good spot to offer these advanced technologies. Also the global mesh system at the backend filtering more than 21 million devices instantly shares information in real time to alert the companies and keep them more protected.
Sign up for Computerworld eNewsletters.