Increased attack sophistication—you’re no longer dealing with hackers out for a lark. Attacks are increasingly coordinated, coming from organized crime syndicates Big Fat Finance, and employing new avenues of attack. Advanced persistent threat (APT) describes attacks that unfold gradually as the attacker gains a tiny foothold in your systems and patiently works to expand it. Some of these attackers may even be sanctioned and supported by nation-states. How are you going to fight, say, China?
Cloud complications—when everything and anything can be everywhere or anywhere as with the cloud it complicates security. Add the movement of data and applications around the cloud and security gets immensely more complicated. Service level agreements must be rethought and traditional governance, compliance, and audit processes redesigned.
Readers of wiredFINANCE are familiar with IBM’s 4 security challenges. Mobile was addressed most recently here. IBM’s four big challenges are: the explosion of data, consumerization of IT, everything is everywhere (cloud complications), and the increasing sophistication of attacks.
The CFO must get involved in the organization’s security strategy. By 10:30 AM Eastern time, on Wednesday, March 3, Cisco had already posted three multi-vendor threat alerts. That followed about a dozen posted the day before.
IBM tracks security threats through its X-Force security intelligence team. Its latest quarterly report, issued last month, investigated Koobface, a cross-platform worm that targets users of social networking websites. Although originally designed to infect Microsoft Windows, the latest variants now can infect Mac OS X and Linux. Is your security team on top of that?
The risks alone raise this to a C-level concern. A data breach at HSBC disclosed 24K private banking customer accounts, TJX paid about $150 million to settle a class-action suit around a data breach that compromised private data, and Zurich Financial was fined $3.8M for the loss and exposure of 46K customer records. In response, companies have been reallocating and bolstering their information security spending, up from a typical 8% of the IT budget to 15%.
Data explosion—have your IT people requested increased budget for more storage capacity. Data is exploding at tremendous rates. Now more applications generate more and different kinds of data to be accessed by more users in more places. More data means more to protect and secure.
Leading IT vendors are jumping in with suites of products and services to address the security challenges. IBM, for example, offers a wide range of products and services under its security intelligence umbrella here and here. Cisco has its own security intelligence offering here. HP, too, provides security products and services here.
Individual security products by themselves, however, no longer are sufficient. What’s needed is an added layer that brings integration and analytics so managers can anticipate multi-dimensional threats coming, understand what they are, and respond fast.
Most organizations implement security after they have been attacked, a reactive approach. To address today’s biggest security challenges IBM advocates a proactive strategy, which it calls security intelligence. Let’s take a look at today’s four biggest security challenges.
Consumerization of IT—BYOD smartphones, enterprise 2.0, and social media present significant security challenges individually. Together they generate more data on inherently risky devices while blurring the lines between business and personal, further complicating the security challenge. How will you identify and protect the business assets separate from the rest.
http://coachfactorystore-bag.weebly.com
0 comments:
Post a Comment