According to a survey we carried out recently with IT security professionals, more than half (58%) of enterprise security is currently focused around ways of preventing threats, comprising solutions such as enterprise firewalls, intrusion prevention systems and endpoint anti-malware systems.
However, a recent report from Gartner predicts that advanced targeted attacks are set to render such prevention-centric security strategies obsolete over the next five to six years. The report posits that by 2020 the BYO culture and the rise of the Internet of Things (IoT) will mean enterprise IT departments no longer own the devices connected to their infrastructure. Indeed, in the case of cloud services in particular, they may no longer have control over the network itself, or the servers, OS or applications being employed by the end-users.
Vulnerabilities and weak points
As a result, enterprise IT systems will constantly find themselves open to compromise, unable to adequately prevent advanced targeted attacks from finding their way into the infrastructure. The rise in advanced persistent threats (APTs) presents additional challenges: these threats make their way into the infrastructure and remain there undetected while carrying out their nefarious purposes.
Businesses are beginning to realize that they need to better understand the vulnerable points in their IT environment in order to tighten security measures against an increasing number of aggressive targeted attacks. Sophisticated APT and malware attacks highlight the fact that employee-related endpoints are the weakest points in an organization’s IT perimeter, areas of vulnerability that represent the greatest risks to security.
Picture the enterprise as a house, with traditional prevention-centric security strategies blocking access via typical entry points, its doors and windows. The explosion in additional endpoints that BYO and the IoT represent will significantly increase the number of these potential entry points, and thus reduce the effectiveness of any pure prevention-centric strategies.
Visibility across the IT infrastructure
In order to ensure better protection from those threats that exploit this wealth of entry points, organizations require clear visibility of what’s occurring across the entire IT infrastructure, including each endpoint.
There are many technologies and solutions that can – and should – be integrated to achieve greater levels of IT security for a business, including, importantly, the ability to monitor and analyze actions carried out by all endpoints and end-users across the IT infrastructure.
To return to the house analogy, businesses require a security camera in order to monitor any unusual activity taking place right around the house’s perimeter.
One means of visualizing an organization's IT infrastructure and its endpoints is through the use of IT Operations Analytics, or ITOA, a form of real-time analytics recently identified as an emerging sector by Gartner. ITOA solutions employ advanced analytics to harness and process vast volumes of highly diverse data from the various applications and endpoints across an organization's IT infrastructure.
As a result, attacks can be detected early enough for IT security teams to react and prevent them from spreading, which, according to our survey, is something that only a fifth (19.8%) of security teams are currently able to do.