Ten or 15 years ago the most a company had to worry about when it came to vulnerabilities to its information systems were such things as Internet worms, e-mail spam and opportunistic hacks. All these companies needed back then for protection were a good firewall, antivirus software and spam filtering. However, the times have drastically changed.
These days, attacks against your organization’s information systems are most likely targeted, stealthy and slow moving. Attackers begin by initiating a compromise through targeted e-mail or Web attacks. These highly sophisticated attackers move laterally and quietly within your organization, exploiting your employees’ access permissions, your misconfigured servers and your weakly protected assets to obtain your sensitive data, customer information, financial records and intellectual property.
In order to be more security-conscious, companies must evolve as the sophistication of vulnerabilities, attacks and attackers have evolved. Your organization must have more than the good firewall, antivirus software and spam filtering of old to stave off today’s attackers.
For successful security, your organization must be able to correlate many pieces of intelligence, often over days or even weeks, to spot a successful breach, or the signs of a mounting attack. Just look at recent events to see how attackers have been in government and company information systems for many months. To be most effective, organizations must use a combination of intrusion prevention systems, endpoint and network-based data leak protection, Web filtering as well as log management and security incident management tools to analyze security incidents.
Organizations must invest in layered security systems. They have to employ IT staff or paid consultants who can install, update and manage your security products; experts to fine tune configurations and still others to monitor and make sense of your product’s often voluminous output. However, they need to find a way to obtain a single vision of security infrastructure that cuts through the noise and helps their IT staff to understand what’s happening, why and what actions to take. The bottom line is that your security and IT staff need to figure out how they can obtain value from your security investments you have already made, and will make in the future.
