Story image

RSA: Gateway to next generation security

26 Aug 14

Businesses need to fundamentally evolve their approaches – yes, approaches, plural – to security, says RSA's Steve Schlarman.

Companies have battled security challenges in the past by building layer upon layer of defences – firewalls, antivirus, intrusion detection systems, vulnerability scanners, security policies, identity management, etc.

Of course those layers are necessary – without them your company would be completely defenceless. Those layers provide the fundamental defence in depth and are critical to protecting against the lowest common denominators – unskilled attackers and random shotgun attacks.

However, today’s adversary consistently finds ways to weave through those defences and we read almost every day about data breaches or security issues at major corporations. Security functions are faced with increasing complexities, data, business changes and an ever shifting technology landscape.

Doing the right thing should be obvious, but for today's IT security organisations, it is too often hidden. Security teams are frequently sitting in the dark manually gathering information from multiple sources just to make a decision.

When security determines what the most important issue is, it is too late to properly respond. Companies have to address the blind spots within the technical infrastructure. The evidence points time and time again to how data breaches bypassed technical controls and were not based on simple attack vectors.

Investment in packet and log capture technologies to rely less on signature based protective measures is necessary for organisations to deploy investigative resources to identify advanced, complex attacks that are weaving their way through the layers of defence.

Fusing business context into security processes is absolutely essential to deal with the growing complexity and reduce the 'noise'. Security functions are no longer protecting nameless IP addresses and servers. They understand the need to connect business criticality to IT infrastructure to drive priorities.

Little knowledge of which processes, technologies and other infrastructure components are priority for security, drives inefficiencies. In response, security functions are looking for more information from the business to catalogue and classify assets to insert these priorities into the security process.

Security is no longer just a technology problem and processes and skilled resources are just as important. Too often in many organisations the answer to a technological threat (today’s organised digital criminal adversaries) has been technology.

While technology is an enabler, the processes that support the technology and the manpower running those systems are what will make any implementation successful. Organisations need to fundamentally evolve their approaches to security efforts.

Currently, organisations have deployed these layered defences, but many are disconnected or supported by manual, time intensive processes. Detective and investigative processes and technologies must be implemented to find advanced attacks.

Prioritisation and efficient processes must be enabled by integrated security technologies that are managed by trained, skilled personnel.

Organisations are working hard to expose those blind spots, connect IT assets to business criticality and improve processes and skills such that security functions can do the right thing, at the right time, for the right reason.

MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Schneider Electric's bets for the 2019 data centre industry
From IT and telco merging to the renaissance of liquid cooling, here are the company's top predictions for the year ahead.
China to usurp Europe in becoming AI research world leader
A new study has found China is outpacing Europe and the US in terms of AI research output and growth.
Google says ‘circular economy’ needed for data centres
Google's Sustainability Officer believes major changes are critical in data centres to emulate the cyclical life of nature.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.