RSA: Gateway to next generation security

26 Aug 14

Businesses need to fundamentally evolve their approaches – yes, approaches, plural – to security, says RSA's Steve Schlarman.

Companies have battled security challenges in the past by building layer upon layer of defences – firewalls, antivirus, intrusion detection systems, vulnerability scanners, security policies, identity management, etc.

Of course those layers are necessary – without them your company would be completely defenceless. Those layers provide the fundamental defence in depth and are critical to protecting against the lowest common denominators – unskilled attackers and random shotgun attacks.

However, today’s adversary consistently finds ways to weave through those defences and we read almost every day about data breaches or security issues at major corporations. Security functions are faced with increasing complexities, data, business changes and an ever shifting technology landscape.

Doing the right thing should be obvious, but for today's IT security organisations, it is too often hidden. Security teams are frequently sitting in the dark manually gathering information from multiple sources just to make a decision.

By the time security determines what the most important issue is, it is too late to respond properly. Companies have to address the blind spots within the technical infrastructure. The evidence points time and time again to how data breaches bypassed technical controls and were not based on simple attack vectors.

Organisations need to invest in packet and log capture technologies, relying less on signature-based protective measures, so that they can deploy investigative resources to identify the advanced, complex attacks that are weaving their way through the layers of defence.

Fusing business context into security processes is absolutely essential to deal with the growing complexity and reduce the 'noise'. Security functions are no longer protecting nameless IP addresses and servers. They understand the need to connect business criticality to IT infrastructure to drive priorities.

Having little knowledge of which processes, technologies and other infrastructure components are a priority for security drives inefficiencies. In response, security functions are looking for more information from the business to catalogue and classify assets and to insert these priorities into the security process.

Security is no longer just a technology problem; processes and skilled resources are just as important. Too often in many organisations the answer to a technological threat (today’s organised digital criminal adversaries) has been technology.

While technology is an enabler, the processes that support the technology and the manpower running those systems are what will make any implementation successful. Organisations need to fundamentally evolve their approaches to security efforts.

Currently, organisations have deployed these layered defences, but many are disconnected or supported by manual, time intensive processes. Detective and investigative processes and technologies must be implemented to find advanced attacks.

Prioritisation and efficient processes must be enabled by integrated security technologies that are managed by trained, skilled personnel.

Organisations are working hard to expose those blind spots, connect IT assets to business criticality and improve processes and skills such that security functions can do the right thing, at the right time, for the right reason.
