“I tend to believe Mark Twain hit it on the head when he said, “Put all of your eggs in one basket and watch that basket” –Andrew S. Grove, Only the Paranoid Survive
Had Mark Twain been alive today in this age and time, he might probably revise this adage and may be say, “Put all your data in one place and protect it.” It’s increasingly a software-defined world and IT organizations are becoming elastic and agile as CIOs across the world with zeal kick-start their enterprise digital transformation agendas. But anything digital can be up for manipulation and that’s what concerns the CIOs and keeps them awake. With the dawn of the ‘On Demand’ age enterprise security is no longer about securing the perimeter, it’s all about managing the data access intelligently so that it does not fall prey to digital predators.
THE CHANGING LANDSCAPE
Today security is the glue that binds the complex interplay of data and gives it the integrity. And its increasingly becoming difficult to manage the multi-pronged issues associated with security. Let’s look at some stats that will drive home the seriousness of security concerns organizations face today. For instance, if we go by leading threat landscape studies, Verizon said that Ransomware attacks are a key cybersecurity threat for global organizations, in its 2018 Data Breach Investigations Report (DBIR), it said that Ransomware is the most common type of malware, found in 39% of malware-related data breaches – double that of last year’s DBIR – and accounts for over 700 incidents. Verizon’s analysis also shows that attacks are now moving into business critical systems, which encrypt file servers or databases, inflicting more damage and commanding bigger ransom requests.”
Let’s look at more insights. According to FireEye’s Mandiant M-Trends 2018 report, it said said that organizations which can detect breaches are doing so faster – in 2016, the median duration between the start of an intrusion and it being identified by an internal team was 80 days, but in 2017 it decreased to 57.5 days. This shows that organizations appear to be getting better at discovering breaches internally, rather than being notified by law enforcement or another outside source. The global median dwell time before any detection —external or internal— rose to 101 days in 2017, from 99 in 2016. Once a target, always a target – FireEye data provides evidence that organizations which have been victims of a targeted compromise are likely to be targeted again. Global data from the past 19 months found that 56% of all FireEye managed detection and response customers which received incident response support were targeted again by the same or a similarly motivated attack group. Findings also show that 49% of customers with at least one significant attack were successfully attacked again within one year.
A NEW APPROACH TO SECURITY
The above two references only reaffirm that old school security practices are passé and we need radical new interventions that can create a true security paradigm that can secure the digital assets. But with the constantly changing threat landscape, its almost impossible to create a 100% foolproof security paradigm but what experts say is that a paradigm that can with minimal lead-times and that which addresses the security breaches whenever it happens is the need of the hour.
Experts say that though most of the organizations usually look at security from outside but we need to address it inside out. For instance, the most important IT assets of any organisation are their applications and data. Hence, securing these assets from inside from any kind of attacks is most imperative. With technology at the heart of the modern business, digital assets need complete protection from attackers. Any breach will have a direct impact to the brand image. Moreover corporate espionage and data breach are the top concerns of the CIO/CISOs. Hence it is important to ensure that information security considerations are interwoven into all major discussions and decisions at the board level.
REVISITING SECURITY PRACTICES
So from our interactions with security experts and the CIOs, what became evident is the fact that today’s security concerns need a multi-dimensional approach. It’s a complex interplay of multiple stakeholders within the enterprise and things need to be planned at a granular level.
Protecting the digital enterprise is more than protection from cyber-threats, it also includes aspects like confidentiality, integrity and availability of digital assets. Protecting the digital assets requires adaptive, predictive, and dynamic approaches across people, process, technology and policies. Also all businesses must manage the emerging risks created by the proliferation of apps, new consumption models and the shift to mobile and cloud.
Security experts say that organizations by building security and resiliency into the fabric of their enterprise can proactively detect and respond to threats, and safeguard continuity and compliance to effectively mitigate risk. So clearly, it is very important to have a unified security strategy for applications and databases which spans across both enterprise datacenter and cloud.”
WHAT HAS CHANGED
The critical question that comes now as a result of the changed security landscape is that when you talk about enterprise security, what essentially has changed and what are the key best practices required for the new normal digital economy?
We need to approach this questions in the prespective of how the pace of business and technological disruption ever accelerating, enterprises around the globe and across many industries seem poised for total digital transformation this year. IT is positioned to lead the adoption of game-changing technology, enabling the business to become more innovative, competitive, and profitable than ever and India is no exception to this trend. Today’s security challenges cannot be secured with mere incremental thinking. We need a new security architecture that fundamentally changes how we prevent, detect, and respond to threats.”
Experts believe that protecting a corporate network isn’t as simple as building a wall around it. Threats can still sneak through the network firewall or circumvent security infrastructure altogether. Once they’re inside, they can move around and attack at will since there are few, if any, controls inside the data center to prevent malicious traffic.
For a lot of security guys, nirvana is the ability to do micro-segmentation within the data center, or build a honeycomb, in effect, so that any threat that gets into the data center is actually captured within the honeycomb and can’t move very much.
Currently the IT organizations the world over are at an intersection of a major technology disruption and irrespective of the domain, one common thread is that the current environment needs a judicious new approach in terms of technologies, policies and decision making. In that order, today many companies are expected to have full-fledged CISOs to specifically address the security concerns. The CISO will work in tandem with the CIOs.
While the last couple of years, the industry and enterprises are talking about security, now it has come to a stage that security is the starting premise of any major IT deployment. What used to be an after-thought those days has now become a focal point.
Security breach has far-reaching ramifications for organizations—right from reputation slide to financial loss. Clearly, a pro-active security infrastructure leveraging on best in class and best of breed technologies will create a ideal security infrastructure that will ensure greater protection to enterprises’ digital assets.