It is a common problem: you have installed separate security components, and each comes equipped with their own management console. But time is of the essence: you know that security incidents won't wait for your team to discover them. Without a single view of events occurring in the network, security threats such as attempts to crack into your corporate server or a blended threat crossing into your network could happen right under your nose.
Controlling blended threats
In 2001, we were introduced to blended threats, including Code Red and Nimda, and since then we've witnessed the impact of others like Bugbear, Klez and Slammer. What differentiates these sophisticated threats from other Internet worms is that they use multiple methods to attack or propagate. If nothing else, these threats have taught us that a "one threat, one cure" approach is outdated. Defending your enterprise from blended threats requires protection on all parts of the network, and an ability to respond on the gateway, server, and client levels. Typically, blended threats exploit known vulnerabilities such as buffer overflows, HTTP input validation vulnerabilities, known default passwords, etc., all of which can be mitigated with existing operating system and application security patches. How do you ensure that all of your systems are up-to-date with the latest security patches?
Getting the most out of your security staff
Managing enterprise security today is a difficult process, delivered through a combination of disparate commercial products from different vendors lacking integration and interoperability. The result is a high degree of complexity and increased operational costs. Your administrators may be spending a lot of time focusing on redundant tasks that are required to manage the complex security infrastructure of your network. In this economic climate, there is increased pressure to do more with less from both a financial and resources viewpoint. Think of the possibilities-if you could free up your staff to focus on higher value activities, it would mean improved and more proactive security for your enterprise.
A Disciplined Approach
Given the above challenges, the complexities of today's security challenges require a holistic approach within the following four security disciplines:
Alert. Alert systems must be implemented to provide early warnings of threats-before operations can be infected.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.