One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 359023 |
| Date de publication | 2017-04-10 13:00:00 (vue: 2017-04-10 13:00:00) |
| Titre | Investing in Security : The Next Dollar In |
| Texte |
Improving protection will always require increasing investment. Attackers change tactics to avoid the protections that they have already seen, and advanced attackers continue to prove they can develop attack technologies that penetrate even sophisticated targets. At the same time, pedestrian attackers and automated campaigns rely on finding new victims for older attack vectors, so existing defenses need to remain strong. The IT Pro or security administrator needs to consider this blend of existing and expected threats when making recommendations to their organizations about areas to apply additional funds to maximize the total security provided after the next dollar has dropped.
The security investment model and diversification
In a security strategy, as in a financial investment portfolio, a conservative strategy requires assessment of two main areas: asset strength and portfolio diversity. Each investment needs to be validated as solid, so that the investment isn’t lost, and the portfolio needs to be diverse, either in markets or asset types, to ensure consistent performance against a variety of potential adverse conditions or threats. It helps to really think of your protection as a portfolio, and your choices as investments.
One of the leaders of this train of security thought is the current CSO of Aetna, Jim Routh, who has long treated the acquisition of security technologies as a forward-looking investment. He looks internally for areas needing improvement, and then externally for new ideas to fill the gaps created by new threats or deteriorating effectiveness of existing solutions. While you may not have Jim’s experience or Aetna’s scale, this is a good mindset to have.
Spending the Next Dollar
Evaluating the strength of your current security assets is straightforward: You, or your predecessor, acquired and deployed solutions that addressed a critical security challenge at that time. This strength will erode over time, as new forms of threat and entirely new classes of attack rise up, and this is where you need to entirely replace the existing solution with something new and hopefully better, or you need to diversify and add new protection to the infrastructure you have already deployed. & Whichever you choose, you should consider the following three questions in making your decision:
What specific improvements am I looking for?
Maybe you are subjected to a new threat from denial of service attacks, from targeted attacks against your own custom web applications, or you have read about ransomware’s path of destruction over the past couple of years. There are likely to be multiple areas, so take the time to prioritize the risks. As you look for solutions that can help — be they perimeter defenses, runtime protection, or threat detection and incident response tools — overlay any new provider’s functionality over your existing protections. You need to be able to identify the cost of your additional protection, and discount the value of redundant protection that the new solution may provide.
How quickly will I realize value?
Security weaknesses continue to add liability every day that they are left open, and the rapid evolution of the threats dictates that solutions lend themselves to rapid adoption. This is an area where there needs to be serious consideration of additional solutions versus complete replacement. It can be tempting to think about the |
| Envoyé | Oui |
| Condensat | related 2000 2009 2017what 7th able about access account acquire acquired acquisition add added additional addressed administrator adoption advanced adverse aetna aetna’s after again against aggregating ago all almost already also always america any applications apply april are area areas areas: assessment asset assets attack attackers attacks authenticating author automated avoid barkly before better blend burden but calls campaigns can cases centre ceo challenge challenges change choices choose classes companies: complete completely complex components computer concern conditions conservative consider consideration considered consistent continue contracts cost costly couple created critical cso cto current custom danahy data day decision decision: decisions defense defenses delivery denial deployed destruction detection deteriorating develop dictates director discard discount discrete disruption diverse diversification diversify diversity dollar dropped dwell each effectiveness either embedded ensure entirely erode essentially evaluating even event every evolution evolved existing expected experience externally eye file fill financial finding flexibility following foreseeable forms forward founder founding free frequent from function functionality funds future gaps going good got happens has have help helps here high hopefully house how ibm ideas identify impact implementation improvement improvements improving incident increasing infrastructure innovator integrated integration integrations integrity internally investing investment investments irreversibility irreversible isn’t issue issues it jack jim jim’s labs leaders led left lend level liability likely long look looking looks lost main making malware many market markets matured maximize may maybe migrating migration mindset model monitoring month more multi multiple nearly necessary need needing needs negotiations network new next north not now offerings older one open organizations ounce over overlay own painful particularly past patents path pedestrian penetrate perfectly performance perimeter pilots pioneer barkly pitfallsalien platforms portfolio potential predecessor pricing prior prioritize pro professional programmatic protection protections prove provide provided provider’s published purity qiave questions quickly ransomware ransomware’s rapid read realize really received recommendations redundant relates rely remain remove replace replacement represent represents require requires response rip rise risks routh runtime sales same scale security see seen serious service services several shift should siem simplest six sky solid solution solutions some something sophisticated speaker specific speed spending storiesten straightforward: strategy strength strong subjected successful suite system tactics take takes targeted targets technologies tempting themselves then think those thought threat threats three time times today tools total train treated trials two types understand unlike unnecessarily unwind user using usually validated value variety vectors versus victims watchguard watchword weaknesses web what when where whichever who why will without writer year years yet your |
| Tags | Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.