Riding Technology Waves - Changing tides of security


Published on

This 10-page opinion paper from the Riding technology waves series looks at better protection through a clearer understanding of the changing tides in security, putting the emphasis on taking proactive opportunities to put security at the heart of the boardroom. Examines challenges facing security professionals, outlines real-time security monitoring and its eight essential benefits, and networks that protect themselves.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Riding Technology Waves - Changing tides of security

  1. 1. BT AssureRiding technology wavesBetter protection through a clearer understandingof the changing tides in security
  2. 2. You have no choice but to connect your business networks to the rest of the world: customers, suppliers, partners, remote workers and the general public. And the moment you connect your security is threatened by the spectre of online security breaches and cybercrime. Fifty-five per cent of organisations worry their infrastructure can’t withstand cyber attacks and nearly all (94 per cent) believe the number of online security attacks is on the rise1. But you’re not facing an uncontrollably rising tide of security threat; you’re facing opportunities to proactively lead with security, placing security firmly in the heart of the boardroom. Global market intelligence provider IDC believes understanding the changing tides of the security landscape is vital, and that insight and visibility are key to success.Real-time threat monitoring
  3. 3. Counting the costRisk is a constant, and dealing with it in the best “Businesses need to look again at theirway possible will, inevitably, come at a price. When defences to determine whether theirevery part of a business has to justify every item of information is indeed well protected.expenditure, security can come under pressure to Encouraging companies in all sectors to makereduce spending. The strongest argument against this investments in improved cyber security, basedis to look at the costs of security breaches: in 2011 the on improved risk assessments, is likely toaverage organisational cost per data breach was considerably reduce the economic impact of$5.5m and the average cost per compromised record cyber crime on the UK.”was $1942. Cabinet Office recommendations, 2011. Realistic funding for security and undertaking assessments that inform effective decisions are essential.
  4. 4. Learning from the best — NASA The challenges of proactivityNo system is ever fully safe. In its state of securityfor 2011 statement, NASA announced a number of Moving beyond a damage-limitation approach tobreaches, including 13 separate data losses. Even a real-time threat monitoring approach involveswith an IT security budget of $58m, attackers made addressing significant barriers:off with credentials for 150 employees in a singlebreach. Such credentials could be used to make illicit • Cost, particularly that of staffing 24/7use of the organisation’s networks. information monitoring. • The requirements of implementing monitoringNASA outlined key areas of threat, including lack on a global basis.of awareness of agency-wide security policies and • How best to assess the volumes of rawdifficulties implementing continuous IT monitoring. information generated. • The difficulty of proving the business case forAlthough this is a staggering revelation, NASA at real-time threat monitoring.least has the security awareness to be able to nameand quantify the threats it faces. Many organisationswill have been as, if not more, affected — but won’tknow it because they just don’t have the reportingor visibility of real-time information that makesthem aware. And other organisations will havethe monitoring and intrusion-detection systemsnecessary to identify threats as they arise, but willbe so swamped with information they’ll beunable to pull out the crucial insights that lead toeffective protection.A real-time view of the threats and outcomesyou face is essential, but is only effective whencoupled with the knowledge to convert insight intoappropriate action.Real-time threat monitoring
  5. 5. Challenges faced by thesecurity professional2012 is the ideal time for security professionals to In 2012, security will finally trump compliance.focus on gaining the visibility they need: Imperva’s analysts3 expect to see security decisions driven by genuine security measures, not compliance• To make the decisions that will keep their requirements. With the cost of a breach rising, organisations ahead of cyber criminals. industrialised hacking growing and the need to protect• To get the crystal-clear, holistic view that will intellectual property, companies will increasingly make help them take a proactive, rather than reactive, cyber security decisions based on security. approach — thereby avoiding a job-threatening security breach. Gartner analyst French Caldwell thinks IT security professionals need to make it clear — to the business in general and the board in particular — that defining beneficial risk tolerances and ensuring these are not exceeded is their mission.
  6. 6. Stay ahead with visibility through real-time security monitoring IDC notes that a combination of cyber crime that can extract sensitive information from compromised networks faster than ever before and internal systems that are struggling to protect businesses from outside threats is driving a move to externally-provided, real-time threat monitoring. “It’s becoming clear that many of these emerging threats cannot be defended against in-house, creating a shift in security posture toward being more proactive.” Christine Liebert, IDC senior analystReal-time threat monitoring
  7. 7. Eight essential benefits of effectivereal-time security monitoring1. React rapidly to security threats; analysis of the 6. Improve information security; effective source, destination, severity and nature of threats monitoring enables you to collect data from in real-time means you are aware of attacks as network devices, classify the risk it represents and soon as they happen. highlight potential threats.2. Gain a clear view of your network: and take control 7. Reduce enterprise liability by recording network of your security environment. activity, helping you comply with auditing and3. Hold down costs by detecting internal and external accountability standards, protecting against attacks on your network as they happen and financial losses. halt these attacks before damage is done. This 8. Make audits easy — one overview of your security eliminates the expensive and time-consuming log data and records of your configuration and post-attack clean-up costs. tuning history means auditors can access data4. Comply effectively with the ever-increasing from one place. number of data privacy and protection regulations, including the Sarbanes-Oxley act, Data Protection Act and the Health Insurance Portability and Accountability Act.5. Avoid damage from the unnoticed — the numerous ‘small, mundane’ problems, such as worms infecting PCs, hard drives filling up, and the installation of unauthorised applications that can turn big and have a detrimental effect on your organisation.
  8. 8. Networks that predict attacksand protect themselvesSo what are we aiming for?We want intelligence that brings to life inreal-time the potential threats and outcomes facedby businesses, helping them make the right decisionsfor effective policies.We want self-regulating systems that crunch throughmassive amounts of raw, unstructured data inminutes to detect patterns, predict problems anddisplay results using visualisation tools.We want to build intelligence into networks toimprove resilience for all users, drawing on enhancedsituational awareness tools and Artificial Intelligencetechniques (that can be maintained automaticallyby the system) to fuse and visualise vast amountsof data from different sources — detecting potentialintrusions or hacking attempts in minutes ratherthan weeks.And we want a higher-touch, more controls- Please get in touch if you’d like to find out moreorientated approach to security incident and event about how BT Assure can make this a reality.management (SIEM), allowing analysis and reportingthat is fully interactive and able to be customised.Real-time threat monitoring
  9. 9. Ponemon Institute Cost of Data Breach Study 2011.1Traffic intelligence and analytics firm Narus, 2011.2IT nonprofit organisation CompTIA, 2011.3
  10. 10. Offices worldwideThe telecommunications services described in thispublication are subject to availability and may bemodified from time to time. Services and equipmentare provided subject to British Telecommunications plc’srespective standard conditions of contract. Nothing in thispublication forms any part of any contract.© British Telecommunications plc 2012Registered office: 81 Newgate Street, London EC1A 7AJRegistered in England No: 1800000