E R T N
P
X
E INIO
OP
‘prepare and protect’ is a poor strategy
from a security performance and cost
standpoint, especially as we reach a
point where the cost of containment and
response can far exceed the investment
in resilience. This is clearly illustrated by
the global impact of the 2017 ‘NotPetya’
Metrics can be
developed that
show progress
toward proactive
investment and
goals to ensure
preparation and
protection
against risk.
know what it will take to protect critical
assets and priorities and at what cost.
Proactive security measures identify
high-priority exposures, threats and
risks to the business, correlates them
to specific assets and helps identify
appropriate privileges and controls in
facilitating access to and use of these
assets. IT works with security to identify
and track priorities and puts proactive
measures into operation, enabling tasks
to flow into IT operations processes
to ensure their proper execution. The
ability to provide diverse views into data
relevant to all these interests is critical to
the success of the collaborative effects
of proactive security.
Previous lopsided investments
To date the lopsided investment in
reactive measures tacitly acknowledges
that proactive measures have too often
failed to deliver on their promise to
www.intelligentciso.com
|
Issue 07
protect the organisation. The plethora of
tools and data, over-reliance on people,
operations products that cannot be
tailored to the business and infatuation
with reactive measures have made it
difficult to commit to proactive security.
Fortunately, technology that supports
a strategy of prepare and protect is
catching up and helping to provide a
balance. Advances in data management
and analytics enable security operations
to readily gather data from multiple
sources, rationalise differences between
these sources and present customised
views into the data. All of this can be
done with higher speed and accuracy
than was possible in the past.
Organisations investing in prepare-
and-protect approaches are more
resilient to attack and are better able to
isolate and recover from attacks when
they do occur. The fact is, opting to
‘monitor and respond’ at the expense of
outbreak, which ranges as high as
US$10 billion – yet the vulnerabilities
exploited in many cases had already
been resolved for years in many older
operating systems.
Advances in data gathering,
rationalisation, analytics and automation
have now made a proactive strategy
more actionable now than ever before.
Organisational infrastructures are
becoming more complex as billions of
smart devices coupled with a growing
diversity of technologies demands an
approach that can scale.
Adversaries, too, recognise how
their strategies must adapt. The risks
are too great to ignore. The technology
is available; the time is now to act,
before organisations become even
more overwhelmed with what may face
them tomorrow. u
43