A lot of security technology is not up to the task and looking at what has been seen before has been described as not adequate.
Talking to SC Magazine, Tom Burton, head of cyber security services at BAE Systems Detica said that upon launching its CyberReveal tool in April, it had decided to take a fundamentally different approach to security and it was important to understand what you want to technology to do, and what is different about a threat.
He said: “It is about perspective: technology often involves lots of people, is ingenious and allows you to observe something, analyse and move around it. You need to build walls, but the most sophisticated attacker will find a way in.”
He recommended a four stage strategy of prepare, protect, monitor and respond, as well as understanding risk exposure and strategy, and understand what awareness you need to have across the userbase. “Protection is important to put in place, it is important that it is joined up and not just a set of sticking plasters,” he said.
“It is not just about stopping it; it is not just about putting protection in place, it is about monitoring to identify attacks to when you have enough to respond. If you do those four stages in a joined-up fashion, then it becomes business as usual.”
Rich Wilding, cyber security director of BAE Systems Detica, said that there is a common perception that technologies are not working, and companies buy new technology, but the problem is if 20 security devices file 1,000 incidents each in a day, when do you spend the time analysing those alerts? “The traditional security incident and event management (SIEM is not designed to solve this,” he said.
Wilding and Burton said that its CyberReveal solution is a Big Data approach to security, enabling data to be read to lead an investigation and which uses a human mind to understand what has happened. Wilding said: “Blacklisting is not the way, blocking is not enough to determine what is bad.”