Automated security is now a reality
By Sumit Bansal March 15, 2016
- IT security has not been treated as an ecosystem, but rather as disparate layers
- This concept is flawed and ineffective in forestalling today’s sophisticated threats
TODAY many organisations, regardless of size, are at an unacceptable level of risk. The combination of increased risk, volume, sophistication and success of attacks, coupled with small and resource-constrained teams, has created such risk.
According to a recent Ponemon Institute Report, 74% of breaches go undiscovered for more than six months.
In today’s dynamic business landscape, enterprises can no longer afford to treat security reactively, discovering a security incident only after a user complaint is lodged and the IT team is despatched for investigation.
Inside every organisation are multiple entry points that are waiting to be exploited and compromised by cybercriminals.
While businesses are making a conscious effort to protect their digital assets from potential theft or leakage, gaining visibility into an organisation’s security posture across the entire attack surface remains a complex and daunting challenge for many.
IT security re-imagined
For years, network security and endpoint security have been treated as two completely different entities.
IT security is not regarded as an ecosystem, but rather as disparate layers that operate independently of nearby objects and events. Specialised, siloed point security products typically make up these layers, in the hope that an incident could be stopped at any one of them.
This concept is flawed and has been deemed ineffective in forestalling sophisticated threats that are becoming increasingly coordinated.
The result is disjointed security that may crush separate elements of the threat, but still fails miserably in offering complete visibility and control for rapid response and remediation.
The bad news is that complex, threat-centric, headcount-dependent and myopic solutions will no longer meet the needs of today’s resource-constrained IT security teams.
What if security could be just as coordinated as today’s cyberthreats, by allowing real-time communications between the network and endpoint, and at the same time, be synchronised across the entire threat surface to deliver better protection?
In other words, businesses, regardless of size, need an integrated, ecosystem-centric IT security system that is highly automated, and also an advanced intelligent system that is simple to deploy and use at the same time.
Automation and rapid threat response
Automation is perhaps one of the most important and pragmatic benefits afforded by synchronised security, where individual components share information between the endpoint and network to coordinate an immediate and appropriate response to suspicious behaviour, with minimal or zero human intervention.
For instance, if a protected endpoint is compromised, the synchronised security protection put in place will immediately isolate this endpoint, preventing it from leaking confidential information to the server.
This type of discovery and incident response usually takes weeks or months, but has now been reduced to seconds with synchronised security.
With synchronised security, businesses can achieve an automated and integrated response capability to protect against cyber-attacks, and as a result, a significant reduction in the time and resources required to investigate and address security incidents – which in turn frees them up to focus solely on running their core business.
Sumit Bansal is director for Asean at UK-based cybersecurity specialist Sophos.