Overhauling IT Security for the Third Platform Era
If you ask me to name one common problem that CXOs and IT security executives are struggling with, it is dealing with the skeletons that disruptive technologies are bringing out of the closet. More security gaps are being discovered, reported and compromised than ever. Close on the heels of the advent of technologies like virtualization, cloud and BYOD, many businesses chose to hop on the gravy train. Some of them, however, did so at the expense of security, or perhaps did not pay adequate attention to the security implications. Security postures are flawed, many security gaps exist, and most businesses do not understand their baseline security needs.
As a result, most organizations do not really know how much data or how many information assets they have, or how they are being accessed. If truth be told, the hardened perimeter is fading fast and de-perimeterization is a reality. An IT-led “perfect storm”, further compounded by the forces of cloud, virtualization and mobility, is rendering the traditional view of enterprise network security obsolete, robbing IT and security managers of essential security controls and impeding visibility into user and network events. The Big Data enterprise is here, yet security remains on the back burner. The high volumes of data stored, and the many users who have access to this data in large, distributed and increasingly collaborative organizations, make effective control a daunting challenge.
Let’s take a look at some real-world data that validates this perspective. According to a report carried by the CNBC news service towards the end of 2014, unwitting employees handed over the “keys to the castle” to hackers at several leading Fortune 500 firms. The report elaborates that nearly 44 percent of Fortune 500 companies have had their employees' stolen email addresses and passwords exposed in Internet forums used by cybercriminals, giving these hackers easy access to sensitive business and customer data. Findings from the report also reveal that security breaches on several sites are seldom reported to authorities, meaning that employees and corporate IT managers are often uninformed and unaware that the information has been exposed. This hints at two possibilities: either many of these sites lack sophisticated security and so remain susceptible to hackers, or they suffer from unregulated internet access and lack actionable security intelligence on user activities and the health of endpoints in the network.
Context: A capability that cyber adversaries have and antiquated defenses lack
A recent study by the Ponemon Institute reveals that endpoint risk has increased, with nearly 71% of respondents saying that in the last two years endpoint risk has become more difficult than ever to manage. The rise in risk has been attributed to cloud applications, employee-owned mobile devices and employees working remotely.
The widened attack surface gives attackers better context and visibility to craft targeted attacks. By exploiting vulnerabilities in various endpoint devices, applications, servers and operating systems, they can hijack the network and target the victim residing in it while still managing to fly under the radar.
Enterprise networking and IT have reached a tipping point as third-platform technologies begin to turn the traditional view of security on its head. The network perimeter is fading fast, and most businesses want to secure their IT, data and users. The truth, however, is that it is about securing the business from IT! Information technology is as much a threat vector as it is a catalytic force for business transformation.
The attack surface is expanding as the BYOD phenomenon and the mobile workforce continue to inundate enterprise networks with a growing number of endpoints. This is music to hackers' ears, for more is up for grabs using sophisticated attacks. No wonder cybercrime is burgeoning as an organized marketplace, allowing adversaries to buy or sell lethal exploit kits, order a DDoS attack for hire or put together a team of malware authors in minutes to craft evasive code that can circumvent traditional perimeter security, compromise endpoints and stealthily exfiltrate mission-critical information.
Securing the Third Platform
Most current security practices suffer from a reactive and fragmented approach, with multiple infrastructures, overlapping functionalities and several management systems that are not properly synchronized. Even the ones that claim to integrate network and endpoint protection do not look beyond prevention. Businesses rely too heavily on myopic or reactive security methods that are in need of an overhaul, and this blinds the thinking of security managers. There is a need to depart from this approach, which focuses on preventing known or external threats and fails to take into account threats from insiders or those delivered through evasive methods. Most enterprises are cutting themselves off from critical and actionable threat intelligence that would otherwise help them identify unknown threats, anomalies in network events or suspicious user activities.
Departing from this ineffective approach, security executives should identify solutions or evolved approaches that provide a new and holistic dimension to unify and integrate a broader set of security technologies.