EDITOR’S QUESTION
NICK BLACK – REGIONAL MANAGER
SOUTH AFRICA INLAND
Even though overall spending on IT
security continues to climb, the odds of
an organisation falling victim to a data
breach have risen to one in four. One third of
business leaders are not planning to improve
their security posture and this is raising some
significant concerns. Anyone whose data is
available to these organisations should be
seeing red flags and needs to re-evaluate
those organisations that they choose to
share data with.
Despite thousands of security products on
the market and massive budgets to purchase
them, data breaches continue, as seen in
national and international news daily. The
challenge for Chief Information Security
Officers (CISOs) lies in securing applications
and data in increasingly dynamic and
distributed IT environments (with constantly
reducing budgets).
As more organisations embrace modern,
agile models of application development,
the problem of implementing security fast
enough becomes nearly impossible.
CISOs and their teams face two main
challenges while trying to secure their data
and applications:
1. Undetected threats: In the case of an
APT (Advanced Persistent Threat) data
could exfiltrate their perimeter controls
for several months or longer and then
be removed with an organisation never
knowing it was there. That data can then
be collated, mined and re-constructed at
leisure by a cyber-criminal for nefarious
state, corporate or personal attacks. This
is big business and is getting bigger all
the time.
2. Fast-paced, dynamic environments:
Existing security solutions are not
designed to accommodate the speed at
which modern application development
and deployment occurs, which means
that as new applications are launched
and updated, security cannot keep pace.
The thinking of CISOs needs to evolve with
the times, which means applying some
basic principles that can provide a granular,
defence-in-depth approach for improved
security. For example: Minimum privileges
as the default, focused controls around
applications and workloads (not the OS),
that allow security controls to move with the
workload regardless of underlying platforms.
Knowledge of application-specific behaviour
is necessary and integrity checking against
normal behaviour can be used very effectively.
In summary, the target for attacks is
data; the data is created/accessed and
manipulated by applications. If granular,
application-focused, integrity comparison
checking is in place, it follows that the data
is then safe.
INTELLIGENTCIO