As the economy heals, IT organizations are shifting from process improvement designed to reduce costs to enabling enterprise growth, improving operations, and attracting and retaining new customers. In a recent Harvard Business Review blog, David Burrus said that today’s CIO needs to transform into the “chief innovation officer.” “The CIO’s role must shift from protecting and defending the status quo to embracing and extending new innovative capabilities.”
This transformation depends on enabling unique business opportunities through technology and security. But with the threat landscape always changing, the delicate balance of enabling the business and keeping it secure requires that executives make smarter and more informed decisions.
Reactive and costly firefighting against security events, threats, and vulnerabilities just won’t cut it. Those strategies, at best, leave you with the status quo. To enable successful innovation, you need to transform your security systems to an adaptive, context-aware, synchronized security environment.
This article from McAfee bridges today’s big security ideas to a best practice framework: Security Connected from McAfee. Its guidance and reference architecture tools will help your organization improve your security posture, optimize your security for greater ROI, and align security strategically with business initiatives.
Focus 1: Targeted attacks
Targeted attacks keep evolving, with more criminals, activists, and spies getting into and changing the rules of the game. Whether the means of attack is a quick spearphish for banking credentials, a distributed denial-of-service against your website, or a protracted effort to penetrate and persist inside your network, targeting is a key element of an increasing proportion of enterprise attacks.
Attackers first scout the target organization and its users looking for ways in. Recently, we have seen the exploitation of “watering holes” as the first entry point. Cybercrooks plant malware on a topical website visited by employees, such as a business partner’s web training page or a mobile developer forum. Just as they would with a phishing site, an attacker can secrete a keylogger, hidden iframe, or browser exploit on a watering hole and gain access to your employee’s computer.
As enterprises have grown more diligent in maintaining operating systems, attackers are leveraging vulnerabilities in other software, including databases, web servers, and browsers. For example, to deface or take down your website, scanning tools can find weaknesses in your website and its enabling technologies.
The initial vulnerability on a client or server provides a hiding place and access to valuable corporate data assets and critical user credentials. Next, attackers interested in more valuable treasures (or greater mayhem) may move laterally around the network looking for databases, setting up backdoors for persistent access, and compromising other assets.
For further reading, visit www.mcafee.com/securityconnected and download Neutralize Advanced Threats, Achieve Continuous Monitoring and Counter Stealth Malware
Focus 2. Opportunistic Threats
Today’s cybercriminals have decades of experience, long-term criminal relationships, and an extensive trust network. They develop profitable and sophisticated attacks rapidly and make full use of advances in cloud computing, mobility, and social media.
They’ve become specialists in various complementary criminal activities—carders, malware developers, botnet herders, phishers, money launderers, and certificate forgers. For instance, botnets are now a mature industry.
First, a compromised host is scanned for credit card information or marketable personally identifiable information. When there’s nothing of value on the target system, victims become unwitting members of the botnet, passing along malware and spam and participating in distributed denial-of-service (DDoS) attacks. Newly compromised bots enable criminals to avoid reputation-oriented defenses, as well as search engine algorithms. By keeping a low profile, criminal networks become more scalable and resilient. While investing to detect and mitigate media-hyped targeted attacks, businesses must continue to combat the ever-present opportunistic ones.
For further reading, visit www.mcafee.com/securityconnected and download: Protecting Information and Protecting the Data Center
Focus 3: Strategies -The case for information-centric security
Information is vital to your business. Many companies are looking to harness the volume, velocity, and variety of data to get the most value from it. But data is everywhere and takes multiple forms. It’s at rest in your backup. It’s in motion as it travels around your network. And it’s being continually accessed and transformed through information sharing and collaboration among employees and with customers and partners. The ability to freely exchange data supports the goal of business innovation and growth.
Once we protected the perimeter. Then we protected predictable IT stacks. Now, as the cloud causes us to lose direct control over our systems and visibility into where our data lives, we need to adapt. Where is our most valued information? How can we find it given the volume of data being created? How do we track and protect it, given its variety? And how do we keep up, given the velocity of its creation and transformation?
The big new idea for many organizations will be finding the data reliably and continually—before it is at risk. Once found, tools like encryption and policy-based monitoring and prevention can help enable information-centric security.
For further reading, visit www.mcafee.com/securityconnected and download: Protecting Information
Leave a comment!
You must be logged in to post a comment.