2014 Is The Year To Simplify Security And Increase Effectiveness

Simplify Security

As we look ahead in this new year, many of us turn our attention to New Year’s resolutions. Losing weight, quitting smoking or getting fit are all popular goals. But as our lives become more complex and harried, one resolution that I hear with increasing frequency is: I want to simplify my life.

Many of the world’s greatest thinkers have touted the virtues of simplicity:

  • Simplicity is the ultimate sophistication. – Leonardo da Vinci
  • Our life is frittered away by detail…Simplify, simplify. – Henry Thoreau
  • Life is really simple, but we insist on making it complicated. – Confucius

And this got me thinking about simplifying security. Cybersecurity is becoming so complicated that you could argue that complexity is one of our biggest security challenges. The evolving trends of mobility, bring-your-own-device (BYOD), cloud computing and advanced targeted attacks are driving this complexity.

Today’s networks go beyond traditional walls and include data centres, endpoints, virtual and mobile. These networks and their components constantly evolve and spawn new attack vectors including: mobile devices, web-enabled and mobile applications, hypervisors, social media, web browsers and home computers.

As threats and our IT environments have become increasingly sophisticated, they’ve collided with traditional security methods that have not followed suit. Is it possible to simplify security yet increase its ‘sophistication’?

Most organisations attempt to secure these extended networks with disparate technologies that don’t – and can’t – work together. Not only are these structures difficult to manage, but they also create security gaps that sophisticated attackers exploit with methodical approaches that leverage time, patience and nearly imperceptible indicators of compromise to accomplish their mission. We find ourselves ‘frittering away’ too many resources manually managing more and more security tools, yet breaches happen and go undiscovered for much too long.

As an IT professional, if you’d like to make a New Year’s resolution to simplify your approach to security while enhancing your defences, you need a new model that is threat-centric – meaning focused on the threats themselves versus merely policy or controls. It must provide broad coverage across all potential attack vectors, rapidly adjust to and learn from new attack methods, and implement that intelligence back into the infrastructure after each attack.

Technologies that incorporate the following capabilities can help simplify security.

Visibility

To harness local and global intelligence with the right context to make informed decisions and take immediate actions. This requires the ability to tap into the power of big data analytics for better insights; open interfaces to visibility tools and real-time vulnerability-based research to proactively identify and respond to threats anywhere and anytime; and an open architecture for transparency.

Control

To consistently enforce policies across the entire network and accelerate threat detection and response. This requires an enterprise security architecture to enable unified, automated enforcement of policies from the data centre, to the cloud, to the endpoint; enterprise-class, integrated policy and event management for more consistent control and better visibility into security devices; and open interfaces to control platforms to eliminate security gaps and complexities of point solutions.

Advanced Threat Protection

To detect, understand and stop targeted malware and advanced persistent threats across the entire attack continuum. This requires threat protection across the entire organisation, from network to endpoint, from mobile to virtual and from email to web; and pervasive protection before, during and after an attack, across more attack vectors and points of vulnerability.

Flexibility

To deploy security in a way that best fits and adapts to your changing environment. This requires it to be available in multiple form factors – physical, virtual, cloud and services depending on your business model; and open APIs to manage and support existing and evolving security infrastructure.

You can’t afford to leave gaps in protection that today’s sophisticated attackers exploit. At the same time, you can’t keep adding disparate security solutions that don’t work together. With technologies that enable visibility, control, advanced threat protection and flexibility, it is possible to simplify security and increase effectiveness. We no longer need to ‘insist’ that security must be complex. Instead, we can simplify.

Leon Ward

Leon is a field product manager for Sourcefire. Prior to joining Sourcefire, Leon was involved in the design and development of open source (OSS) Intrusion Prevention Systems. Leon applies his strong background in UNIX security and protocol analysis to overcome the challenges of network security monitoring in the enterprise, specifically in the areas of network intrusion detection, threat mitigation, event analysis and vulnerability assessment. In the little spare time Leon finds, he is the lead contributor to the open source network traffic forensics project OpenFPC (Open Full Packet Capture).