RSA: Gateway to next generation security

26 Aug 2014

Businesses need to fundamentally evolve their approaches – yes, approaches, plural – to security, says RSA's Steve Schlarman.

Companies have battled security challenges in the past by building layer upon layer of defences – firewalls, antivirus, intrusion detection systems, vulnerability scanners, security policies, identity management, etc.

Of course those layers are necessary – without them your company would be completely defenceless. Those layers provide the fundamental defence in depth and are critical to protecting against the lowest common denominators – unskilled attackers and random shotgun attacks.

However, today’s adversary consistently finds ways to weave through those defences and we read almost every day about data breaches or security issues at major corporations. Security functions are faced with increasing complexities, data, business changes and an ever shifting technology landscape.

Doing the right thing should be obvious, but for today's IT security organisations, it is too often hidden. Security teams are frequently sitting in the dark manually gathering information from multiple sources just to make a decision.

By the time security determines what the most important issue is, it is too late to respond properly. Companies have to address the blind spots within the technical infrastructure. The evidence points time and time again to how data breaches bypassed technical controls and were not based on simple attack vectors.

Organisations need to invest in packet and log capture technologies and rely less on signature-based protective measures, so that they can deploy investigative resources to identify advanced, complex attacks that are weaving their way through the layers of defence.

Fusing business context into security processes is absolutely essential to deal with the growing complexity and reduce the 'noise'. Security functions are no longer protecting nameless IP addresses and servers. They understand the need to connect business criticality to IT infrastructure to drive priorities.

Little knowledge of which processes, technologies and other infrastructure components are a priority for security drives inefficiencies. In response, security functions are looking for more information from the business to catalogue and classify assets and to insert these priorities into the security process.

Security is no longer just a technology problem; processes and skilled resources are just as important. Too often in many organisations the answer to a technological threat (today’s organised digital criminal adversaries) has been technology.

While technology is an enabler, the processes that support the technology and the manpower running those systems are what will make any implementation successful. Organisations need to fundamentally evolve their approaches to security efforts.

Currently, organisations have deployed these layered defences, but many are disconnected or supported by manual, time intensive processes. Detective and investigative processes and technologies must be implemented to find advanced attacks.

Prioritisation and efficient processes must be enabled by integrated security technologies that are managed by trained, skilled personnel.

Organisations are working hard to expose those blind spots, connect IT assets to business criticality and improve processes and skills such that security functions can do the right thing, at the right time, for the right reason.
