Balancing Security and Risk
In June the annual U.S. Security and Risk Management Summit brought together Gartner analysts and industry and security professionals to discuss the latest challenges, strategies, approaches and best practices.
Below are some of the topics discussed throughout the Summit.
In the opening keynote, analysts Eric Ahlm, Neil MacDonald and Ramon Krikken discussed managing risk, building trust and embracing change by becoming adaptive everywhere. With an increase in mobile devices and cloud computing, anytime access to business data can be seen as an opportunity or as a growing security risk. Taking a security posture of saying ‘no’ may not enable the business to leverage all the opportunities a digital world presents. Today, IT and security professionals have to bridge the worlds of business and IT by embracing and balancing security and risk.
An Adaptive Architecture
In his ‘Develop a Pragmatic Vision and Strategy for Digital Business Security’ session, Gartner analyst Tom Scholtz also talked about the importance of adopting an adaptive architecture to predict, prevent, detect and respond. The adaptive architecture will provide visibility, intelligence and analytics to make sense of what is happening, and continuously monitoring and assessing your network will provide better context (users, systems, system activity, and payload).
The longer a bad actor is in your network, the more time there is to find valuable assets, which is why reducing the mean time to detect and the mean time to respond is critical. With the growing number of security tools on the network, their output is fast becoming a big data problem. One of the briefings on augmenting the SOC (Security Operations Center) presented the case for deploying analytics tools and artificial intelligence (AI).
Many of the sessions touched on cloud security. During the CISO panel session, Robert Daugherty, Chief Information Security Officer at Cobham Advanced Electronic Solutions, stated that long gone are the days of ‘no cloud under any circumstances.’
Cloud security is unfamiliar territory, requiring new security strategies. Cloud can represent a loss of control for IT and security teams, and inevitably there are going to be visibility blind spots. Knowing where the company’s sensitive data is and who is accessing it is paramount, especially as companies implement a mix of private and public cloud services such as Azure and AWS.
Gartner’s CARTA (continuous adaptive risk and trust assessment) strategic approach marries a defensive posture with an access posture, something to consider for all deployments, especially cloud.
Planning for Today and Tomorrow
The threat landscape is continuously evolving and needs to be dealt with today. A rolling 1-year security plan and the adaptive approach mentioned by many throughout the week seem to be more appropriate for today’s complex environments.
As you update your security plan and explore network visibility technologies, there are some questions you need to ask:
- Will the network visibility solution seamlessly integrate with the existing security infrastructure?
- Will the network visibility solution allow your security tools to read all kinds of data including encrypted data?
- Will the network visibility solution scale?
APCON’s network visibility and security solutions are enabling technologies that provide data gathering from anywhere on the network and ensure the network performance and security analysis tools have the data they need to provide context for IT and security teams managing security and risk for their business.