Strengthen your cybersecurity to proactively prepare
Cyber breaches are now routine. The cost of each cyber breach is rapidly increasing as well. The 2022 "Cost of a Data Breach Report" from the Ponemon Institute and IBM Security showed each attack is now costing an average of over $4,000,000:
Why breaches are now so common and expensive
The cause behind all these expensive breaches is simple: networks. Yes, networks, such as our LANs, WANs and Internet, enable the connectivity our businesses, customers and suppliers require. However, networks also enable connectivity for attackers.
The job of a network is connectivity - the network itself doesn't know the difference between your employees and your attackers. Meanwhile, we have rapidly expanded our networks:
- Our critical software is in the cloud
- Our employees are everywhere
- Our customers and suppliers rely on our online software
This network expansion means:
- We have more distributed network attack surfaces
- The surfaces are more difficult to defend
- Breaches in any surface use our networks as roads to get to our critical data and apps
How to reduce breaches and breach damage
Businesses need cybersecurity training, revised business processes and new cybersecurity tools. All of these need to focus on the greatest threat: the network. Businesses also need cyber liability insurance protection to deal with the worst case scenarios.
Cybersecurity and cyber liability insurance go hand in hand. Businesses pay less cyber security insurance premiums when their cybersecurity practices are stronger. Meanwhile, cybersecurity insurance providers pay out less when breaches are reduced, and when the impacts of each breach are reduced. The best way to reduce breaches and breach impact is for businesses to strengthen cybersecurity practices, specifically by focusing on the risks caused by our networks.
“We are committed to protecting our clients’ data. Partnering with NetFoundry isn’t just a way to accomplish this, but the best way.”
Steve LindseyCIO, Liveview Technologies (LVT)
“In the current pandemic, although our usage has multiplied at FWD Insurance, NetFoundry easily scaled to facilitate zero trust security for our new work from home workforce.”
Shilpa TummaInfo Security Officer, FWD Insurance
“NetFoundry extends the WAN all the way to the application endpoint without CPE, over the Internet. We integrated NetFoundry’s AppWANs into the networking solutions we sell to financial institutions to enable them to meet their strict regulatory and security requirements.”
Chris WilliamsVP at PliantCloud, Alliance Technology Group
How NetFoundry's cybersecurity platform helps you reduce breaches and lower cyber liability insurance
Cybersecurity can be intimidating. The key is to simplify and to focus on the most important threat: cyber attackers repurposing your network as the roads for their attacks. All the other terms you hear are a means to this end. This includes multi-factor authentication (MFA), vendor risk management, penetration testing, password policies, backups, encryption, ransomware protection, API security, zero trust network access (ZTNA), third party access, VPNs, firewall ACLs...you name it.
The scary thing is you can get trapped in that alphabet soup of "solutions" and still have openings in your network for attackers to exploit. You invest tons of time and money and yet your risks are not lowered enough, and your cyber liability insurance premiums stay the same. NetFoundry helps you avoid that trap by focusing on the simple truth: a secured network is the #1 factor in proactively defending against attacks, minimizing the damage of any successful attack and lowering your cyber security insurance premiums. Here's how it works:
Close all your network doors
- Closing your doors is obvious. Unfortunately, traditional solutions leave doors open. NetFoundry uniquely gives you a simple way to close them all.
- Believing your doors are closed is not enough. You need proof. With the NetFoundry solution, your inbound firewall rules are simple: deny-all. Show this to your insurance provider and it produce smiles...and lower premiums.
- Nope, no back doors either. Goodbye VPN. Eliminate bastions. Passwords and TOTP codes don't provide access (they can be used as part of the layered NetFoundry solution, but it is not 'game over' if they are stolen or compromised because the network itself is closed).
X.509s made simple
- Now that we closed the doors, the question is the keys. Passwords don't cut it. TOTPs are commonly hijacked with phishing schemes and sophisticated attacks. So NetFoundry uses physical keys - X.509 certificates.
- X.509s are are used everywhere from your mobile banking app to nation state cybersecurity because they are cryptographically validated and extremely difficult to breach. The problem is they are difficult for businesses to implement. NetFoundry makes it simple.
- The X.509 also enables you to meet the multi-factor authentication (MFA) requirements provided by your insurance provider for every app. This is important because some businesses can't get cyber liability insurance without MFA (carriers like Travelers have made MFA mandatory).
Making backups and segmentation simpler and more secure
- Even the best security in the world can be breached. If so, you need to contain the damage. Make it so if one breached segment can't be used to infect other segments (customers, data, apps).
- NetFoundry uniquely provides app level microsegmentation, by design. You don't even think about it - it is natively there.
- Backup and recovery is critical, especially for defending against ransomware. The problem is that it is often not segmented - so a a breach somewhere else infects your backups. NetFoundry solves this by natively segmenting off your backup and recovery processes.
mTLS, MFA, encryption...everywhere
- With our network doors now closed, mutual TLS (mTLS), multifactor authentication (MFA) and encryption become relevant.
- NetFoundry makes mTLS, MFA and encryption simple. This includes legacy apps, APIs, third-party access and remote management of network equipment. Event mTLS for IoT!
- Rather than need to implement mTLS, MFA and encryption on a per app basis, NetFoundry provides one platform which gives you mTLS, MFA and encryption everywhere.
Case Study: NetFoundry customers protected from Apache Log4j attacks
Log4Shell cost companies billions of dollars to recover, with each incident carrying estimated price tags of $33,000 to $90,000.
Yet, for NetFoundry customers, the Log4Shell and Log4j attacks were mainly non-events. Not only were no NetFoundry customers impacted, the businesses which use NetFoundry for full Zero Trust weren’t forced to scramble to react to the Apache Log4Shell attacks because their secure by design architectures meant Log4Shell couldn't grasp its first breath of air. NetFoundry customers were default protected, because NetFoundry enabled them to shut all their network doors, before Log4Shell even existed!
Case Study: NetFoundry customers protected from Atlassian Confluence CVE-2022-26134
On June 2, 2022, Atlassian released a security advisory for their extremely popular Confluence Server and Data Center apps, detailing a critical remote code execution vulnerability. This vulnerability is CVE-2022-26134. The US Cybersecurity and Infrastructure Security Agency urged companies affected by this CVE to “block all internet traffic to and from those devices until an update is available and successfully applied.” For NetFoundry customers, CVE-2022-026134 was mainly a non-event. No NetFoundry customers were breached. NetFoundry customers were default protected, because NetFoundry’s secure by design architecture uniquely enabled businesses to close all their network doors - including all their inbound firewall ports in front of their self-hosted Confluence servers. NetFoundry customers were compliant to the CISA advisory before the CVE existed and before the advisory was issued!