Cisco ScanSafe Secure Mobility White Paper
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
White Paper
Mitigating Web Threats with Comprehensive,
Cloud-Delivered Web Security
Overview
For collaboration, communication, and data access, the web has become a mission-critical business tool. But the
web also poses significant security risks to the enterprise that are easily encountered yet not so easy to detect.
Some of the most sophisticated web-based threats are designed to hide in plain sight on legitimate and
well-trafficked websites. For example, “malvertising” is the new industry term for disguising malware as online
advertisements. Watering hole attacks conceal malware on member-based sites, phishing campaigns target
individuals with personal details, and botnets take control of victims’ devices.
Research conducted by Cisco® Talos found that 93 percent of customer networks access websites that host
malware.¹ These types of attacks often involve malicious code on trusted webpages that users may visit every
day.
The Challenges
All organizations of every size are at risk for web malware exposure, but research shows that the largest
enterprises (with more than 25,000 employees) have more than 2.5 times the risk of encountering web malware
than smaller companies. These organizations generate, collect, and store a wealth of intellectual property and
other high-value information such as financial and customer information and big data. This information makes them
prime targets for cybercriminals.
But no organization is immune. Entities around the world, including companies and even nation-states, are
engaging hackers to help them conduct corporate espionage and other types of “intelligence gathering.” Hacking is
an industry.
And as companies transition away from traditional IT models, remote users need protection beyond the firewall.
Security is no longer only about
safeguarding data centers; it’s now also about protecting devices.
The traditional assumption that threats come only from outside the firewall is no longer valid. Advanced attacks
access information from inside the network through infected guest, employee, or even company devices.
Once an organization’s network is compromised, it can take weeks, months, or longer for an advanced persistent
threat (APT) to be detected in the network. Some threats are so sophisticated that they may sit doing nothing for
weeks, like sleepers, before they get to work. Meanwhile, the targeted organization continues to lose data and is at
risk of facing significant financial or reputational damage.
¹ Cisco 2015 Midyear Security Report.