Three security resolutions to stick to this year
Easing off on security plans made for the year is both dangerous and poses huge risks, says Anton Jacobsz, managing director of Networks Unlimited.
"Resolutions have a tendency to fade away shortly after the new year has begun," states Anton Jacobsz, managing director of Networks Unlimited, South Africa's leading value-added distributor. "When it comes to cybersecurity and your business, however, easing off on security plans made for the year is both dangerous and poses huge risks."
With its focus on supplying the Sub-Saharan, East and West African market with the pinnacle in technology solutions addressing converged technology, data centre, networking, and security landscapes, Networks Unlimited distributes, amongst others, solutions from RSA – The Security Division of EMC – and asked the company to elaborate on the security resolutions local companies need to stick to this year.
Zulfikar Ramzan, chief technology officer at RSA, highlights the following three resolutions for 2016:
Resolution 1: Focus less on prevention, and more on detection and response through visibility
Historically, attempts at information security within organisations were achieved by some basic preventative measures, like firewalls and antivirus. It's becoming clear, however, that such technologies are woefully insufficient. Organisations shouldn't eschew them altogether, but should realise that having basic preventative technologies in place is not the same thing as having a viable advanced threat strategy.
By resolving to organise a SOC with the right tools AND people/expertise, organisations can achieve the visibility they need to detect and respond to advanced threats. Preventative technologies are seatbelts, not silver bullets. Well-resourced adversaries will easily find ways to bypass them. In other words, the barbarians are well past the gate at this point.
Under this worldview, visibility becomes paramount. Visibility is about understanding what's happening across your IT assets, from endpoints to networks to the cloud. More so, organisations should strive for visibility that is both deep and pervasive. In other words, don't rely on myopic snapshots across your environment, but have deeper continuous capabilities in place. With such visibility in place, organisations are better positioned to identify when attackers have infiltrated their infrastructure and are better poised to respond intelligently and swiftly.
Resolution 2: Develop a comprehensive identity and access management strategy
Concepts like cloud, mobile, BYOD and more are accelerating our move to an amorphous and perimeter-less world. And in the absence of well-defined perimeters, the only tangible thing you can hold on to from a security perspective is identity. Identity is a cornerstone of security. After all, security is fundamentally about being able to assert that only the right people can access the right resources at the right times. That aim can only be achieved through a solid understanding of identity. More so, large breaches inevitably involve someone co-opting an identity.
Beyond that, identity is not just a matter of having good authentication measures in place, but about managing and governing access through the entire employee lifecycle, from the time they join to the time they leave the organisation.
Resolution 3: Own your risk
Ultimately, the goal of security measures is to reduce the overall risks that organisations face. Risk is not a monolithic concept, but rather a mosaic that comprises numerous facets. There's financial risk, regulatory risk, operational risk, and so on. From a cybersecurity perspective, risk mitigation is predicated on visibility, but requires that the insights gleaned from that visibility are actionable.
As chief information security officers (CISOs) present to their boards and executive teams with increasing frequency, they need to do so in the language of risk. Board members and CEOs aren't so interested in knowing whether an attack involved a buffer overflow or a SQL injection. They do, however, want to understand how attacks impact overall risk. The successful CISO should have the tools and platforms in place to translate an understanding of lower-level cybersecurity risk to higher-level organisational risk.
"With cyber crime and data breaches dominating the news almost hourly lately, this – I believe – is more than enough reason to meticulously stick to your cyber security plans this year," adds Jacobsz.