Why is cyber security management so often reactive? Typically, it’s because security is bolted on to existing network systems and architecture when vulnerabilities are identified or a threat hits home. This often results in businesses deploying multiple prevention and detection solutions in an attempt to shore up different areas of the network architecture.
This reactive approach can be difficult to manage, with different security solutions addressing different challenges and all reporting on multiple dashboards. Moreover, the ‘sticky plaster’ approach is expensive. Businesses end up throwing money at security solutions that are underutilised and inefficient, and still there are gaps in their network security.
As we all know legacy systems can be a bit of a headache. They don’t work well together, they may be out-dated and require frequent patching and updates, with the intention that when these IT systems are eventually replaced a more proactive (even holistic) approach to security will be implemented.
However, budgetary constraints often scupper these plans too, and Information Security professionals have to find effective workarounds ensuring legacy systems do not pose a threat to the business in themselves.
So how can your business or organisation drive efficiencies and savings, and become more proactive when managing your cyber security? The three core principles of information security provide a starting point:
These are the core principles known as the CIA Triad, the basis for designing information security policies. By using these principles when addressing vulnerabilities and threats it may be possible to find more effective ways to protect your business than bolting on another solution.
Instead we can look at network architecture using these core principles and explore what solutions are already in place and how these supports the CIA Triad. For example, what existing solutions have Identity and Access Management capabilities? Are they fit for purpose, and can any of them be deployed in other areas of the network to support the principle of ‘confidentiality’?
Alternatively, do you have existing information security solutions in place that are making it difficult for users to get on with work, blocking them from accessing authorised data or systems? If so, they will most likely be looking for a workaround themselves that could result in security being compromised – for example by someone using another person’s password to access more sensitive data.
We recommend that you get back to basics and take a total network architecture view of the threat landscape and your business’ vulnerabilities. This way you’ll be able to identify the gaps in existing solutions and how the core principles of information security apply to your network architecture. With this you can then build on those principles, and on solutions in a more proactive way.
By auditing your existing security solutions there may be opportunities to utilise these better, by identifying the solutions that are delivering poor ROI and the ones that could provide solutions to different security challenges.
If you would like to discuss any of the above in more detail or understand how our technology provides a proactive view (on any technology) please email me or get in touch with us: firstname.lastname@example.org
By Ian McGregor, CRO, Invinsec