How dated are your security safeguards?

New Threats – Old Technology

Have you faced the situation in an organisation where security was upgraded because the product was reaching end-of-life?
You are not alone. IT Professionals dread the “compelling event” where an unplanned situation creates a panic and money is wasted on ill-considered security safeguards. Management demand that “something is done” immediately, irrespective of the cost or efficacy. Usually these are the same executives who resolutely deny all but the most pressing information security expenditure. Maybe it’s time to prepare an annual report on the state of your investment in mitigation measures and identify and document limitations. Armed with a realistic appraisal of your existing security posture, documented and widely distributed, broader stakeholder engagement may flag weaknesses. This could help you build solid business cases to fast-track investments that reduce the lifecycle for dated, legacy security infrastructure.

How dated are your security safeguards?

It’s an ongoing task to appraise how your security posture measures up when dealing with real-world threats. As soon as you close one security gap, another risk is revealed. Your perimeter protection measures may be current, and even the BYOD initiative you built is working well, but how are you dealing with data loss or even insider threats?
Many technologies that were advanced or considered cutting edge have evolved to mainstream status. Others like SIEM have found a place in larger Enterprise infrastructure roll-outs but were never a good fit for the 100-500 seat organisation. The biggest issue (as always) is resourcing and managing the technology, preferably with a “single pane of glass” to correlate data from many sources.

For the typical CIO who has to manage an Enterprise of 500 seats, the blunt questions must be: how are your security measures meeting today’s threats?

How well do they integrate for easy management and concise reporting?

What are your concerns about the consolidation in the security marketplace?

Does it augur well for the long-term stability of your security environment?

If you can identify gaps in your defences or have concerns about the strategic roadmap outlined by your vendor partners then maybe it’s time to prepare a migration wish-list that can form the foundation of a strategy document.

But what measures should you be considering?

Anti-Virus and Malware

Anti-virus and malware have evolved to the point where legacy signatures fail to make the grade. Heuristic behaviour and real-time analysis are now common, and artificial intelligence is often applied to analyse behaviour and interaction and to track attack vectors in real time.

Everywhere Cloud and Office 365

Cloud computing means that connections should be encrypted and tunnelled using VPN tools and that all endpoints must be secured to lock down the risk of breach. Even with the best policy enforcement, users are forgetful and, where possible (and practical), technology should provide the oversight to protect the organisation from external threats and the non-malicious behaviour of its users.

Data Loss or Data Leakage

In spite of over a decade of solid policy guidelines and enforcement, data loss is still mainly caused by human error. Annual audits conducted by leading organisations show that the chance of losing confidential data increases when your employees are entrusted with it. The second greatest cause for data loss is hardware failure.

New Breach Vectors

Which of your employees doesn’t have a smartphone with a camera? How about scanning documentation and sending the images or drip-feeding confidential data in small batches or incomplete files that don’t trigger security safeguards? If your safeguards are locked in at 2012 then your mitigation measures are nearly five years out of date. Images and data obfuscation are new ways to bypass security measures.

Privileged and Insider Threat – tracking the data

What happens if key staffers decide to start up a business in direct competition? If they are privileged executives and are using information that their roles and responsibility permit, then that’s fine. If the use of this data is later proven to be instrumental in misusing intellectual property, then tracking the transit of this data may have wider implications well beyond information security.
Are you equipped to track this data migration to support legal action?

Security Analytics and Visibility – Trust but Verify

Many organisations are bound by legislation or compliance to protect their digital assets. Typical examples are health, financial and employee records entrusted to human resources. Ensuring that customer data is not misused by “rogue employees” is a challenge because somebody must define where the employee resides in the organisation chart.

Does the CEO monitor the CFO or is governance a board level role?
Are the board accountable for misuse of data?

Tracking the movement of data is the first step in protecting digital assets more efficiently. Adding the resources to monitor where, when and who viewed or modified the data is a compliance measure that protects the data and the executives tasked with safeguarding it.

Who funds that activity?
Technology that flags this behaviour is available and can be used for security and governance.

Collaborative Tools – bringing it all together – Forcepoint

These mitigation measures will improve your organisation’s security posture, but aggregating the data (or trying to) from many technology vendors creates challenges too. Without seamless application linking and integrated reporting, how much utility does it deliver for time-pressed administrators who now assume more responsibility by contributing to business strategy and execution? Admins are not the break/fix infrastructure people they were in the recent past. If IT administrators are responsible for this function then your management team has failed to grasp the contribution and real value that IT adds to the business.

Integration is critical

Are you reviewing your security safeguards to ensure your technology investment offers the right technology to defend against new threats?

Contact Scott or Zoe on 02 9957 6666 to discuss how Forcepoint can help you strengthen your security posture.
