About Me

Scott Arnett is an Information Technology & Security Professional Executive with over 30 years experience in IT. Scott has worked in various industries such as health care, insurance, manufacturing, broadcast, printing, and consulting and in enterprises ranging in size from $50M to $20B in revenue. Scott’s experience encompasses the following areas of specialization: Leadership, Strategy, Architecture, Business Partnership & Acumen, Process Management, Infrastructure and Security. With his broad understanding of technology and his ability to communicate successfully with both Executives and Technical Specialists, Scott has been consistently recognized as someone who not only can "Connect the Dots", but who can also create a workable solution. Scott is equally comfortable playing technical, project management/leadership and organizational leadership roles through experience gained throughout his career. Scott has previously acted in the role of CIO, CTO, and VP of IT, successfully built 9 data centers across the country, and is expert in understanding ITIL, PCI Compliance, SOX, HIPAA, FERPA, FRCP and COBIT.

Friday, June 25, 2010

Firewalls, IDS, DLP - How do we manage it all?

Companies have to address security in some form or to some degree. Many IT shops still feel that having a firewall and virus protection is good enough. Is it? Other IT shops try to do IDS, IDP, and SIEM type solutions. Are they doing them all correctly? Can they do them all?

While threats to network and information security have existed since the dawn of the information age, the complexity and scale of attacks have exploded in recent years, presenting enterprises with daunting challenges as they struggle to defend an increasingly vulnerable perimeter. With cyber crime now more lucrative, and far less risky, than the illegal drug trafficking trade, it is hardly surprising that the level of criminal talent devoted to the Internet has risen tremendously. Consequently, threat levels and attack impact have skyrocketed. For example, in just a few years, Distributed Denial-of-Service (DDoS) attacks have jumped in size from dozens to hundreds of gigabits per second, a result of increasingly sophisticated malware and growing zombie armies. Those are significant changes. Can you manage that?

Unfortunately, traditional perimeter defense solutions have not kept pace with the rapid growth in risk. While enterprises currently have an arsenal of threat-specific tools at their disposal, these rigid, centralized defenses do not provide the flexibility or scale necessary to combat the outsized, adaptive threats facing today’s IT infrastructure.

Cloud-based security services offer an innovative approach to helping organizations address the limitations of traditional perimeter solutions by adding a globally distributed layer of defense. This instantaneously scalable layer is designed to deliver a level of protection that is orders of magnitude greater than any centralized defense.

In addition, cloud security solutions offer unprecedented flexibility across a broad set of protective capabilities. This allows companies to leverage just-in-time defenses that help them adapt to rapidly changing risks and protect against unknowable future threats, while avoiding the costly proposition of having to correctly predict — and pay for — their security needs in advance.

The other thing I find at many companies is that we put all these security solutions in place, but we never take into account the FTE requirements to maintain, support, or operate the solution. The result is shelfware: a solution purchased with the best intentions that eventually ended up on the shelf because we did not have the resources to implement or maintain it. Many shops have gotten into SIEM solutions, purchasing things like EMC enVision, but never put a plan around all that data collection. What is important, what is not, and who is reviewing this data? It quickly becomes overwhelming and falls to the sidelines.

What would be wrong with putting your firewall, IDS and other security infrastructure solutions into the cloud? More so, as a managed service in the cloud, perhaps part of your MPLS solution. It is difficult to have all the necessary staff to maintain all these solutions, keep up on training and skills, and ensure they are configured appropriately. Use your existing staff to monitor and interact with your service provider, but really focus your staff now on clients, awareness training, data classification, and other important tasks that just don't get done.

Therefore, leave defending the perimeter to the experts, and let your internal team defend the core and clients. That combination is a good recipe for success and is very manageable. We have to think big picture and new ideas! Stay engaged and stay positive!
