Achieving IT Security Intelligence

 

Achieving IT Security Intelligence

Monday, July 18th, 2016 - 8:54
Posted by: 
IT security needs to be proactive—using cyber analytics and cognitive-based systems to ultimately achieve security intelligence.

No longer can security programs rely on “if it’s not broke, don’t fix it”–the bad guys could already be inside your systems, stealing your data or probing to get in. Too many CIOs and CISOs are looking for jobs because they thought their systems and data were secure when, in fact, the opposite was true. Security programs need effective protection of valuable information and systems to prevent data breaches and to comply with the ever-increasing federal compliance requirements (e.g., FISMA, the Privacy Act, NIST, OMB mandates, FedRAMP, HIPAA/HITECH, etc.).

Security Challenges are Greater than Ever

With massive increases in data, mobile devices, and connections, security challenges are increasing in number and scope. They fall into three major categories: external threats, internal threats, and compliance requirements.

External Threats

The nation faces a proliferation of external attacks against major companies and government organizations. In the past, these threats have largely come from individuals working independently. However, these attacks have become increasingly more coordinated, and they are launched by groups ranging from criminal enterprises to organized collections of hackers to state-sponsored entities; attackers’ motivations can include profit, prestige, or espionage.

These attacks target ever more critical organizational assets, including customer databases, intellectual property, and even physical assets that are driven by information systems. They have significant consequences, resulting in IT, legal, and regulatory costs. Many of these attacks take place slowly over time, masked as normal activity. The threat vector known as advanced persistent threat (APT) requires specialized continuous
monitoring methods to detect threats and vulnerabilities prior to breaches or loss of sensitive data.

Internal Threats

In many situations, breaches in information security are not perpetuated by external parties but by insiders. Insiders today can be employees, contractors, consultants, and even partners and service providers. These breaches range from careless behavior and administrative mistakes (such as giving away passwords to others, losing backup tapes or laptops, or inadvertently releasing sensitive information) to deliberate actions taken by disgruntled employees. These actions can lead to harm as dangerous as external attacks, if not more so.

Compliance Requirements and Effective Protection

Public sector enterprises face a steadily increasing number of federal, industry, and local mandates related to security, each of which have their own standards and reporting requirements. These many mandates include FISMA, the Privacy Act, NIST standards and special publications, OMB mandates, FedRAMP, HIPAA/HITECH, Sarbanes-Oxley, various state privacy/data breach laws, IRS 1075, SSAE 16, COBIT®, various ISO/IEC international standards, EU privacy directives, etc. Complying with these requirements often takes a significant amount of time and effort to prioritize issues, develop appropriate policies and controls, and monitor compliance.

To address external, internal, and compliance challenges through a proactive approach, four key areas must be addressed to protect an organization’s systems and data:

  • Security architecture effectiveness
  • Critical data protection
  • Security compliance
  • Holistic security program

Read the entire article.

0 comments
The content of this field is kept private and will not be shown publicly.

Your comment will appear after administrative review.

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.

0 recommendations