Stop Building Higher Walls And Start Understanding What Is Going On Within The Castle Walls.

Posted by Philip Bindley

There are a number of well reported trends that seem to be emerging. The first seems to be that Information Security is being replaced in type face with Cyber Security. It appears possibly to be a response to the nomenclature that the bad guys are being labelled with: Cyber Criminals, versus Cyber Security. In essence there are so many contradictory debates ensuing I think it will suffice to say that at this moment in time the terms Information Security and Cyber Security are pretty much interchangeable. Although you may draw the conclusion that cyber security pertains specifically to threats emerging from cyber space, rather than physical or human security threats but that is moot.

There is a pretty solid consensus of opinion in the industry that the perimeter is no longer able to protect from more than a modicum of very basic attacks.
The idea that technologies such as firewalls, VPN, Anti-Virus/Anti-Malware are the best protection against cyber threats is changing, there is almost a universal acceptance that being compromised is more a case of when not if. I am not suggesting that these technologies are dispensed with, simply an acceptance of the limitations that they have and invest in them accordingly.

Threat detection inside the firewall is the key: Attackers have become more sophisticated and an organisations ability to detect breaches of the perimeter before data is stolen is paramount. All too often attackers are not detected until it is too late, the data has already been lost or fraud perpetrated.

Therefore, investment in technology needs to be aligned with that notion in mind and focus budgets on rapid detection and having clear responses to such threats.
Gartner is reporting that by 2020, 60% of enterprises’ information security budgets will be assigned to rapid detection and response approaches, up from less than 10% in 2012. Also rendering data valueless and protecting data from being accessed with encryption and data firewalling technologies represents another layer of defence in depth that needs to be employed to protect an organisation’s most critical assets.

The convergence between Cyber Security and fraud prevention/detection is clear to be seen. Only by understanding what is going on within the castle walls, with real time data analytics of all of the activity within infrastructure, network and data can we detect which is deemed out of the ordinary. Similar in many respects to the analytics used to drive fraud prevention.

As the bad guys get smarter and cyber threats become a commodity that can be procured with a few clicks of a mouse and the exchange of bitcoins, we all need to concentrate our efforts and resources on developing strategies to mitigate against the inevitable. The role of the Information Security Professional is changing. We need now more than ever to provide our organisations with the thought leadership and clear business linked strategic thinking to manage risk, protect brand and allow our businesses to become more competitive and innovative in the face of increasingly complex yet easy to execute threats.

Related to: TalkTalk hack underscores how UK PLCs must do better at protecting customer data