The Infosec imperative: squaring the circle

Editorial Type: Feature    Date: 03-2014    Views: 4780

With the season of IT shows upon us, Network Computing Editor and Business Technology Mentor Ray Smyth considers the options for Infosecurity Europe 2014.

Without any doubt, Infosecurity Europe has become the biggest, and possibly the most important, show concerning information security. Even if your organisation is large enough to employ IT security specialists, the challenge of security still needs to permeate every aspect of the organisation: it is not just another IT silo, and treating it as one will result in certain failure.

For many years I have roamed the halls of Earls Court to catch up with the vendors I know, and I am always keen to meet new ones. Finding something new to say in this critically important area is actually quite difficult. The odds are stacked high, because failure will at best mean someone facing some tough questions, but it may also mean losing your job or even your career.

When mentoring organisations in the deployment of IT in their business, I always ask them to focus on two things. Firstly, from a pure business perspective: what can you absolutely never, ever tolerate? Secondly, identify the things that you may be able to tolerate, provided you know about them quickly when they occur and have a recovery plan in place that is rehearsed and tested. This approach can be as detailed and granular as is required, but I recommend simplicity to start with and complexity only where it is required, and even then it must be justified against some extremely rigid criteria.

With a business- and organisation-driven review and a plan in hand, I then recommend a critical examination of the available technology. The vendors in this sector are highly specialised, highly skilled and well informed, and because of this they are likely to see things before even the most well-informed IT, networking or security specialist can. In addition, this second part of the exercise tests the first part by considering everything that is available and everything that is possible, to ensure that nothing is overlooked.

Of course, it is always possible that the result may exceed budget or practical reality, and this is where a combined approach (executives, line-of-business managers and all IT, networking and security disciplines) rounds off the first pass of what should be a frequently iterated process. The objectives behind it are many and wide-ranging, but can best be summarised as: to know all the risks, to evaluate each risk in the context of business operations, to make sure that you have fully considered both of these things in the context of what is known and suspected, and to have a plan that deals with them in the way that you want them to be addressed. So what does this mean in terms of your visit to Infosecurity this year?

In planning your visit, a cursory pass over the process described above may assist. In addition, here are some thoughts that may help you set your direction of travel. A good and effective security strategy must be based upon some level of continuous monitoring. Referring to the 2014 CyberEdge Cyberthreat Defence report, Scott Gordon of ForeScout says, "More than 60 percent of survey participants had been breached in 2013, with a quarter citing a lack of employer investment in adequate defences as a factor." While investment and available funds are without doubt a factor, the cost of a breach should not be overlooked. Gordon adds, "Successful organisations are progressing their techniques and their tool arsenal including the use of next-generation network access control… Enterprises are becoming more complex and the threat landscape is evolving rapidly. Network security has to be pervasive and continuous which requires IT teams to better leverage security tool interoperability and policy-based automation."

The CyberEdge report claims that one in five organisations roll the dice by doing nothing to assess the state of their transient devices between scheduled active scans. This leaves an unacceptably large attack surface on which a successful cyber-attack against transient systems can be mounted. Is this something that any organisation can knowingly ignore and realistically survive?
