By Hemal Patel, MD & CEO, Cyberoam Technologies
The year gone by witnessed a spate of malware attacks and network breach incidents that ambushed the world's best-guarded enterprise networks at global corporate giants and at several military, government and critical infrastructure establishments. The malware mayhem continues, and cyber-crime and attack methods continue to evolve. In an exceedingly digitally connected world, one small mistake or a single click can trigger an influx of sophisticated attacks on enterprise networks, leaving businesses wide open to evolving threats and cyber security risks. Researchers, analysts, bloggers and journalists have all offered varying theories and analyses of this growing menace of evolved attacks, citing the presence of critical security gaps in IT and network environments as the most significant vulnerability, one that puts organizational networks at greater risk.
Businesses and organizations are emerging increasingly connected and digital, and at the same time the security environment continues to grow more complex, becoming nearly unmanageable for most CSOs, CISOs and other security managers. For security executives, it has turned into a catch-22 situation: on one hand, threats and attack methods are increasing in frequency, scope and severity; on the other hand, monitoring connected networks and user activities in a drastically evolved technology landscape is becoming more stressful and, ironically, a thankless job at the same time.
IT and Security decisions turning into a boardroom battle
The Internet brings us a digital economy and other avenues such as cloud, virtualization, mobility, BYOD, the IoT ecosystem and more. Progressive enterprises and established organizations alike yearn to seize this opportunity and catalyze unprecedented operational efficiencies and technology capabilities for their workforce, partners and customers. But there's a flip side too. Most CXOs remain at loggerheads over turning the disruptive into the productive. This is because there's a lack of understanding of how security ties in with business and IT / technology decisions. For example, a CSO and a CIO may argue over the question of whether going for cloud or virtualization can lead to new security challenges!
Aligning CIO and CSO interests requires finding the right solution around the following aspects,
Enterprise security teams want to transition from reactive to predictive / pre-emptive security
Cyber criminals behind evolved attacks and malware campaigns are not naive basement hackers. They are skilled threat actors who feast on security gaps in enterprise networks and exploit 'users' as attack vectors. And most organizations struggle to fathom whether their users act as threat actors or as attack vectors! Indeed, there's an improved state of awareness, and CXOs realize that besides external threats, insider risks and user-driven actions can also prove lethal for their mission-critical networks and may jeopardize sensitive and classified data assets. As a result, stand-alone security solutions such as firewalls, IPS and VPN are giving way to integrated security solutions with actionable security capabilities.
A growing number of security managers wish for a science-fiction-like capability to preempt and mitigate threats. Sci-fi writers and science-fiction filmmakers have already portrayed such possibilities. The ongoing paradigm shift towards pre-emptive security shows some signs of such capabilities. Many organizations and security managers are leveraging big data analytics tools to capture early signs of specific user actions or network event patterns that may hint at a possible ongoing attack or anomaly.
CXOs understand that most security paradigms fall short in combating insider threats and user-triggered risks. The winds of change in enterprise security clearly reveal the growing importance of analytics and actionable security as a key priority, alongside cloud, virtualization and mobility, in coping with security challenges concerning audit and compliance, data protection and unauthorized access.
It's about time organizations recognize this challenge and up the ante to bolster threat prevention, detection, and security risk mitigation in an increasingly connected world and for the new digital economy.