New report identifies three key focus areas for security technology investment
Big data analytics a ‘foundational technology’ for stronger cyber-defence
THE Security for Business Innovation Council, comprising top security leaders from Global 1000 enterprises, is advocating technology investment in three key areas and also recommending specific security technologies to better build anticipatory defences.
Council members collectively observe the major innovations underway in security technology and contend that these technologies are not being developed or implemented quickly enough, according to a new report released by RSA, the security division of EMC.
The Transforming Information Security: Focusing on Strategic Technologies report identified three key areas for technology investment: Cyber-threat resiliency, end-user experience and cloud security, RSA said in a statement.
The report also offers organisations insight from top security leaders to dramatically strengthen security capabilities and maximise technology investments when considering complex deployments.
Organisations now acknowledge the inevitability of breaches, and have turned attention to minimising their impact, RSA said.
As such, security leaders are focusing on strategies and technologies that help provide threat resilience versus prevention; and prioritising investments in solutions that provide better detection and response capabilities.
Against this backdrop, the report affirms that big data analytics is a foundational technology needed to help achieve a stronger cyber-defence. Next-generation anti-malware technology is also identified as a key area where organisations should add new techniques to baseline capabilities.
“Increasing resilience is core to any organisation’s cyber-defence strategy,” said RSA senior vice president Amit Yoran.
“Employing the right technologies that provide better visibility and analysis to actually anticipate attacks can and should reduce risk to the business. This report provides the necessary guidance to help security teams determine how to make the right technology investments,” he added.
Council members highlighted the importance of improving end-user experience for business productivity gains and suggest investments in more flexible methods for authentication and Identity and Access Management that help reduce risk.
The Council details three recommendations that provide prescriptive guidance to successfully navigate new technology deployments and maximise security investments:
1) Look at least 3 years ahead
By using SWOT (strengths, weaknesses, opportunities, and threats) analysis, aligning with IT and the business, creating an enterprise-wide big data strategy, and engaging with auditors, organisations can formulate plans to determine what security capabilities will be needed to protect against a dynamic threat landscape.
2) Achieve bigger picture through integration
When investing in security technologies today, the greatest payoffs often come from connecting and consolidating information from multiple applications. Technologies are now available that make it easier to integrate systems such as data analytics, security intelligence, and GRC platforms.
3) Maximise value through formalised technology developments
Leading security teams familiar with the pitfalls of technological change, budgetary shortcomings, and the failure of new product expectations advise having formal approaches to deployment in order to proactively manage the risks.
The Security for Business Innovation Council is a group of top security leaders from Global 1000 enterprises committed to advancing information security worldwide by sharing their diverse professional experiences and insights.
The Council produces periodic reports exploring information security’s central role in enabling business innovation, RSA said.
This report is the third in a three-part series on building a next-generation information security programme. The first report was Transforming Information Security: How to Build a State-of-the Art Extended Team and the second was Transforming Information Security: Future-Proofing Processes.
Contributors to this report include security leaders from some of the largest global enterprises such as ABN Amro, Coca-Cola, eBay, EMC, FedEx, HSBC Holdings, Intel, Johnson & Johnson, JPMorgan Chase, Nokia, SAP, T-Mobile USA and Walmart.
To download the latest Security for Business Innovation Report, click here.
Big data approach can help shore up cyber-defence: RSA
Adaptive identities coming to forefront of security: RSA
Interpol lays out response blueprint for global cybercrime war
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.