By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData Collective
  • Analytics
    AnalyticsShow More
    data analytics in sports industry
    Here’s How Data Analytics In Sports Is Changing The Game
    6 Min Read
    data analytics on nursing career
    Advances in Data Analytics Are Rapidly Transforming Nursing
    8 Min Read
    data analytics reveals the benefits of MBA
    Data Analytics Technology Proves Benefits of an MBA
    9 Min Read
    data-driven image seo
    Data Analytics Helps Marketers Substantially Boost Image SEO
    8 Min Read
    construction analytics
    5 Benefits of Analytics to Manage Commercial Construction
    5 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-23 SmartData Collective. All Rights Reserved.
Reading: Yesterday’s Security vs Today’s Threats
Share
Notification Show More
Latest News
data analytics in sports industry
Here’s How Data Analytics In Sports Is Changing The Game
Big Data
data analytics on nursing career
Advances in Data Analytics Are Rapidly Transforming Nursing
Analytics
data analytics reveals the benefits of MBA
Data Analytics Technology Proves Benefits of an MBA
Analytics
anti-spoofing tips
Anti-Spoofing is Crucial for Data-Driven Businesses
Security
ai in software development
3 AI-Based Strategies to Develop Software in Uncertain Times
Software
Aa
SmartData Collective
Aa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Data Management > Best Practices > Yesterday’s Security vs Today’s Threats
Best PracticesCloud ComputingSecurity

Yesterday’s Security vs Today’s Threats

AlexOlesker
Last updated: 2011/10/13 at 4:46 PM
AlexOlesker
5 Min Read
SHARE

Another discussion from the HP Protect 2011 conference on Monday, September 12, 2011 featured Bob Gourley and HP’s Andrzej Kawalec, CTO of Enterprise Security, discussing the evolving enterprise threat environment and how it can be mitigated.

More Read

How can CIOs Build Business Value with Business Analytics?

CIOs and Big Data [INFOGRAPHIC]
CIOs Predict IT Development
What Every CEO Needs to Know About IT
Informatica Gets Heiler for PIM and Product Information Management

Another discussion from the HP Protect 2011 conference on Monday, September 12, 2011 featured Bob Gourley and HP’s Andrzej Kawalec, CTO of Enterprise Security, discussing the evolving enterprise threat environment and how it can be mitigated.

Bob and Andrzej agreed on three major emerging challenges in enterprise cybersecurity. The first is simply the nature of the threat, which is growing in sophistication, speed, and targeting over time. Phishing, for example, gives way to Spear phishing where the impostor emails are designed to look like they came from colleagues, offer a malicious link tailored to the target, and may have company letterheads and logos. Threats to enterprise are growing more serious because, as Bob noted, the money is with the enterprises and the threats follow.

The second emerging challenge is the consumerization of IT. Employees no longer do all their work on a (hopefully) secured company workstation. Instead, they are flipping through presentations on their personal tablets and checking emails on their smartphones. While on one hand this is great as it allows users to stick with the devices they prefer and are comfortable with, and encourages them to work wherever and whenever is convenient, it also means that hardening single data endpoints is no longer enough, as an enterprise can’t know what device its employees will be working on. Already, a recent survey of IT managers reveals that employees use personal devices for work in almost 90% of companies, and that most do not have the tools to manage them.

Lastly, the cloud is changing how IT is delivered. Software-as-a-Service, Platform-as-a-Service, and Infrastructure-as-a-Service are reinventing how we consume and interact with IT. Again, cloud computing has brought many benefits, but also its share of challenges as CTOs, CIO, and CISOs adjust and make their security work for a new paradigm.

Adapting to this threat environment requires a risk management approach. We must assume we will eventually be breached and be ready to respond with in-depth forensics and remediation immediately. As Kawalec noted, enterprises must plan to fail and expect to be under attack not just from malware or malicious code in general, but also internal threats, the quintessential example being Bradley Manning and all the anonymous contributors to WikiLeaks. This complicates security not only because social engineering and trusted users can get around any current technical solution, but also because their motivations tend to be different from traditional criminal hackers.

If enterprises assume that their networks are already compromised, they need to protect them with a remediation approach. An example would be Triumfant’s Configuration and Change Management Tool, which effectively scans networks for anomalies before users even notice that something is wrong, and then reduces infection turnaround time from days to minutes as it implements solutions at the click of a button then fills on gaps from healthy computers if important file systems have been deleted.

Still, even with products emerging to help enterprises “plan to fail” at perfect internet security, dealing with a shifting IT paradigm and threat environment takes a different kind of CIO. Since perfect security is impossible, CIOs need to decide what level of risk they are willing to accept. Today’s CIOs and CISOs also need to understand architecture, vision, and design, to see the system on both macro and micro levels to reduce security silos and provide robust solutions for a changing world.

Staying ahead of the threat has always been hard but there are new integrated capabilities that aid defense, like ArcSight’s suite of integrated capabilities (ArcSight is in the leader’s quadrant of Gartner’s SIEM Magic Quadrant Report). Ensuring SIEM capabilities like this are integrated into your enterprise is a key component in ensuring your enterprise is able to meet the threat.

Related articles
  • Big Data and the Enterprise CIO (ctovision.com)
  • Using Triumfant for Secure Configuration and Change Management (bobgourley.com)
  • In Search of a Russian Winter of Information Systems Security (fedcyber.com)

TAGGED: cio
AlexOlesker October 13, 2011
Share this Article
Facebook Twitter Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

data analytics in sports industry
Here’s How Data Analytics In Sports Is Changing The Game
Big Data
data analytics on nursing career
Advances in Data Analytics Are Rapidly Transforming Nursing
Analytics
data analytics reveals the benefits of MBA
Data Analytics Technology Proves Benefits of an MBA
Analytics
anti-spoofing tips
Anti-Spoofing is Crucial for Data-Driven Businesses
Security

Stay Connected

1.2k Followers Like
33.7k Followers Follow
222 Followers Pin

You Might also Like

Analytics

How can CIOs Build Business Value with Business Analytics?

8 Min Read

CIOs and Big Data [INFOGRAPHIC]

0 Min Read
CIO and IT development
AnalyticsBig DataBusiness IntelligenceIT

CIOs Predict IT Development

4 Min Read

What Every CEO Needs to Know About IT

9 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

AI chatbots
AI Chatbots Can Help Retailers Convert Live Broadcast Viewers into Sales!
Chatbots
AI and chatbots
Chatbots and SEO: How Can Chatbots Improve Your SEO Ranking?
Artificial Intelligence Chatbots Exclusive

Quick Link

  • About
  • Contact
  • Privacy
Follow US

© 2008-23 SmartData Collective. All Rights Reserved.

Removed from reading list

Undo
Go to mobile version
Welcome Back!

Sign in to your account

Lost your password?