Getting ahead on security

Security experts share their thoughts on the strategies organisations should adopt to stay safe now and in future

Tags: Dell CorporationF5 NetworksGartner IncorporationKaspersky LabMcAfee Incorporation
  • E-Mail
Getting ahead on security Organisations are looking to develop security strategies which will ensure they are protected in future.
By  Keri Allan Published  August 24, 2014

Online security threats continue to make international headlines and even the most secure companies can be at risk. Keeping ‘safe’ has never been more problematic although firms that start by getting the basics right stand the best chance of retaining their security.

This entails establishing, maintaining and enforcing a suitable security policy and equipping IT staff with the necessary tools. Companies should also look at what the best secured organisations are doing and learn from the strengths – and weaknesses — of others in order to make themselves a little more secure against the latest security hazards.

“Successful organisations recognise where they have their strengths,” begins Sebastien Pavie, regional sales director, MEA, SafeNet. “If their primary business is not delivering security, they should recognise that giving those controls to another organisation is essential, rather than being satisfied by a minimal standard. There’s no such thing as perfect security, but it’s becoming a business imperative that organisations move beyond minimal protections,” he highlights.

Experts agree that the most secure organisations have broken down their security strategy into four key areas: auditing, preventing, detecting and continuous monitoring. The key is to be proactive rather than reactive. However, for the majority of companies there’s still a lot of work to do be done — and a lot of security ‘holes’ still to be filled.

“I don’t get to see what the best are doing; however what I can say is that detection and response times are abysmal right now and they are only getting worse,” warns Paul Wright, Technical Director of Cybercrime Consulting. Foundstone Services EMEA, McAfee. “The information security industry is largely comprised of niche tools, each focusing on one small aspect of detection or incident response. In addition, traditional focus for organisations has been on prevention and alerting, and given the fact that well over half of security incidents aren’t discovered until months later, it’s obvious that our focus needs to shift.

“Traditional security methods such as next generation firewalls and reactive security measures are losing the fight against new breeds of attacks. Today’s security strategies need to cover all devices, applications and networks accessed by employees. Security is now less about the supporting network infrastructure and increasingly about the protection of the application, enforcement of encryption and the protection of user identity,” continues Diego Arrabal, VP, Southern Europe and Middle East, F5 Networks.

“This means organisations need security strategies that are flexible and comprehensive, with the ability to combine DNS security and DDoS protection, network firewall, access management, and application security with intelligent traffic management.”

So are there security technologies that are currently being overlooked or under-used? The vendors very much believe so.

“There are two classes of security technologies where I believe enterprises need to increase their investment,” notes Zulfikar Ramzan, CTO of Elastica. “One area relates to enterprise usage of third-party cloud applications and services. As organisations migrate towards greater adoption of services like Box, Google Applications, Office 365, Salesforce, Workday etc, they lose tremendous visibility. Since security is predicated on visibility, these organisations do not have as much of a handle on the cyber risks they face. Technologies that provide visibility and controls for third party SaaS applications are paramount.

“The other area where there has been under investment relates to continuous monitoring, especially as it relates to incident response. The reality is that no matter what defences you put in place, attackers will inevitably breach them. As such, it becomes all the more critical to be able to go back and assess what happened. While these devices do not prevent threats, they make it significantly easier to investigate what happened after the fact. This information can help you understand the ramifications and potentially the root cause - and then this information can be folded back into your overall security strategy.”

So we know what solutions are available currently, but how will things change in the future and what security technologies and strategies will we be talking about in a few years time?

According to Nicolai Solling, Director of Technology Services at Help AG, we will begin to move towards the zero-trust model, where we will stop trusting anyone and by default, inspect all business traffic flow.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code