IT managers have never had it easy, and many of them have to make decisions on how to keep their entire organisations' IT infrastructure secure on a very regular basis. The extent of the pressures they face was brought into stark relief when, at a CISO event in London last month, we posed the question “what keeps you awake at night?” Frankly, it's incredible that many of them get any sleep whatsoever!
It's probably fair to say that senior IT managers have never had it quite as hard as they do at present.
Last year, 88 percent of UK businesses reported an increase in cyber-attacks, costing small businesses up to 6 percent of their turnover. This ever-growing threat is putting additional pressure on the shoulders of IT decision makers, so it's vital they have the correct systems and strategies in place to protect their organisations.
One of the most common concerns voiced by IT professionals is their inability to visibly monitor the inbound and outbound threats to their infrastructure in real-time. Many still have to perform this task manually, which is both labour-intensive and time-consuming. This means there is greater potential for human error, and that threats can quickly develop to become more serious if they are not dealt with in a sufficiently timely manner.
Organisations are increasingly using more comprehensive technologies, such as Security Information and Event Management (SIEM), to protect key business systems and proactively monitor emerging threats. The general consensus amongst IT managers using this kind of solution is that it does make life a lot easier, especially in being able to study the root causes of errors and security breaches by looking into the log information and reports. This consequently reduces the risk of a repeat incident and offers greater control than attempting to address a problem manually.
After (a lack of) visibility, the next concern is the continual day-to-day management of malware and advanced persistent threats (APTs), which is becoming an increasingly complex issue for IT professionals to manage. The recent spree of high-profile malware attacks, attributed to APTs, against some of the most security-savvy companies and government agencies has served to remind IT managers everywhere of their organisations' vulnerability.
There are, however, a number of actions organisations can take to minimise this threat. The most important factor when selecting or building a solution is to choose an approach which complements the organisation's specific business needs and vulnerabilities.
Having technical security controls in place won't necessarily bring an end to a security manager's insomnia, especially now that increased demands for BYOD strategies and the ongoing appliance/cloud conundrum are only serving to prolong those sleepless nights. Many security professionals are adamant that mobile devices remain the weakest point of any network, both as a prime target for hackers and because of the potential for loss or theft.
Addressing this problem is difficult, but the growing popularity of containerisation of things like network hosts and even desktop applications, along with the installation of modern malware detection technologies, is serving to combat the threat of malicious hacking. Access control can be another key concern to consider; if you allow all devices onto an open network, you have no control over what users are accessing, even if the handsets they are using are secure. When breaches do occur, there is often an element of account takeover. It is therefore advisable to instigate a two-factor authentication protocol and also to manage what individual users can view and/or download, in order to ensure critical data remains protected.
This short list is just a taste of the many challenges an IT manager will face on a daily basis. However, it highlights the need for dynamic security systems and strategies. One thing is for sure: the number of threats is only going to rise over the coming years, and keeping abreast of the latest security technologies is one way to stay one step ahead and thus minimise the chances of taking a heavy hit in the future.
Contributed by Andy Aplin, CTO, Accumuli