Getting smart - a joined up approach to beating the hackers
As data breaches become commonplace and organisations struggle to keep pace, Treavor Dearing explains why integration and collaboration among IT security vendors is emerging as the only viable solution to beat cyber-criminals once and for all.
Treavor Dearing, EMEA marketing director, Gigamon
When it comes to today's cyber-security fight, beating the hackers requires IT security vendors to join forces and work together – which admittedly isn't easy in an industry that has historically valued competition over collaboration.
However, with an ever-growing, increasingly sophisticated threat landscape, security vendors must start to play nice and encourage organisations to move toward a strategy built on alliance, information-sharing and a united front among their suppliers.
Barely a week goes by without news of another company being compromised, and despite the sophistication and proliferation of today's highly advanced network security solutions, these attacks continue unabated. Furthermore, as we become increasingly connected, organisations are handling more network traffic and sensitive data than ever before – creating a perfect storm for damaging data breaches. The honest truth is that no one technology or company can do it all, irrespective of marketing claims to the contrary. Even if companies were to consolidate, they still end up with at least a dozen “must have” security technologies, each of which addresses issues up and down the stack.
Though these solutions may be considered best of breed, they are unfortunately ineffective when competing with one another for traffic and placing greater strain on the network. Interoperability and communication between these technologies – whether we are talking about a firewall, antivirus, voice analyser, intrusion detection system or otherwise – becomes essential. Today, with the C-Suite acutely aware of the consequences of a data breach, no business wants to deploy a security vendor that doesn't talk to its other suppliers to ensure an efficient architecture.
This integration and collaboration must begin at the network layer. By working together, different tools in the stack can improve the speed with which cyber-threats are identified and isolated – effectively eliminating them before they do their damage. In turn, this gives organisations far more value and greater ROI on their security investment.
With cyber-threats evolving at such a rapid pace and increased digitisation occurring worldwide, an organisation's ability to detect and respond to threats is only ever going to be as good as the level of visibility that it has into all network activity. Without this, hackers have carte blanche to stay undetected on corporate networks for longer.
By gaining pervasive visibility into all network activity, IT teams can begin to understand the lateral movement of malware. In turn, these teams can speed up the detection of exfiltration activity, and can significantly reduce the overhead, complexity and costs associated with security deployments. In today's world of industrialised and well-organised cyber-threats, it is no longer sufficient to focus on the security applications exclusively. Focusing on how those solutions get deployed and how they get consistent access to relevant data is a critical part of the solution.
It's imperative that today's organisations start taking steps to get this right, as they face increased regulation, heavier penalties and shorter breach notification windows. One of the biggest regulatory changes will be seen when the EU General Data Protection Regulation (GDPR) comes into force. In many cases, this new requirement will force those companies that may have been slower to act to completely overhaul their current cyber-security practices in a short space of time.
Finally, there is also the issue of cost. As budgets are increasingly stretched, IT teams everywhere are striving to do more with less – either as a top-down directive to cut costs, or bottom-up response to increased demand for services. Anything that can help IT improve ROI is a good thing, particularly in such a critical and potentially expensive area as cyber-security.
It has become clear that having security tools in place that can work in tandem with others will completely transform the way IT security services are deployed and managed – for the better. In addition, if the network really is to be considered the new battleground for early identification of cyber-attacks, the best way forward is to deploy a security architecture that is multi-layered, optimised for identifying breaches quickly and built on a robust platform for pervasive network visibility. In short, this will make security appliances more effective at protection from the bad guys and remediation of threats, while reducing overall costs and complexity.
Contributed by Treavor Dearing, EMEA marketing director, Gigamon