Even though we've seen a variety of security technologies appear during the past decade, the rapid evolution and increasing sophistication of the threat landscape have ensured a never-ending battle with the bad guys. What can the information security industry do to truly innovate, not just follow the tactics of cybercriminals and, ultimately, act as a giant band-aid?
There are many things the information security industry can do to stay ahead of the bad guys through innovation. Here are just five things that would give any organization a head start.
Master the basics: Make sure you start at the endpoint and work your way into a comprehensive layered defense. Keep focus on the importance of disciplined deployment of anti-virus systems, network security, patch management and deployment, etc.
Iron out the seams: The scope and complexity of today’s IT systems require a multitude of security solutions to keep everything safe. Organizations rightly want best-of-breed solutions to protect their domains. At the same time, we can increase risk to the enterprise if we “bolt on” appliance after appliance, solving one unique problem at a time. We can actually increase the odds of error due to misconfiguration or incompatibility if we lose sight of the seams. So it’s important to make sure we’re always integrating and evaluating, to make sure we are ironing out those seams.
Outflank them: There is lots of innovation today in the area of hardware-enhanced security. Where possible, make sure you take advantage of everything your platforms offer in terms of hardware and software-based security. Many security software products out there today work just fine alone, but when collaborating with hardware that provides lower-level security controls and resources, you get a more robust and secure solution.
Encrypt and authenticate everything: When encryption was expensive, we had to prioritize what we protected. Today Moore’s Law has enabled virtually ubiquitous encryption. Tools for everything from bulk data encryption for data at rest to straightforward protection of data in motion are easily and widely available. Let’s use them. Similarly, let’s expect that identity and authentication will get easier and better. For example, if we harden identity with things like multi-factor authentication, biometrics, and federation, we can reduce the dependency on passwords and thereby remove one of the weakest links in the security chain. How often can you say that you have improved the user experience while elevating security? That’s innovation!
Exercise your recovery plans: No one wants to hear it, but bad things will happen. Plan for it. Drill for it – like my elementary school did in St Louis where I grew up, getting us ready for tornadoes! Build resiliency and robust business continuity plans.
Based on your conversations with industry peers, what type of threat scenario keeps them awake at night these days?
The areas of concern for security professionals can be broadly classified into two main categories: 1) Innovation, where you want to say “Yes” while being responsible, and 2) Keep the Business Running (KTBR), where you ensure that you have adequate protections for existing systems.