Don't Let the IT Security Paradigm Shift Leave You Stranded

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
Next Don't Let the IT Security Paradigm Shift Leave You Stranded-7 Next

Solution and Service Investments

This should be the biggest area of focus. When procuring new solutions or services, ask: Will this purchase enhance my understanding of new threats or is it just a better enforcement/policy mousetrap? When upgrading an existing security portfolio, seek solutions that are heavily tilted toward intelligence while providing the necessary policy/enforcement as simple add-ons or freebies. One example would be investment in endpoint AV software; instead of upgrading the existing AV software, see if it makes sense to use free AV solutions from reputed vendors and combine it with investment in next-generation network or endpoint malware detection and response tools.

Another area to look after is compliance. Compliance directives take years to catch up to the new realities. If required by the compliance directives, seek products that would also help in the "intelligence" bucket while satisfying the old compliance requirements. One example of this would be IDS/IPS products. Instead of investing further in these areas, look at network-based threat detection technologies that may provide this functionality as a simple add-on or base capability.

In general, if you are writing a large check for endpoint antivirus, Firewall, IDS/IPS etc., pause and ask if this investment improves your "intelligence" capabilities. If not, consider how this investment can be minimized in order to align the remaining funding with the security needs of today.

Security is a hot topic today. Only a few years ago, security was on the back burner of most IT departments, seen as a necessary evil with few executives ever exposed to it. With the recent spate of high-profile attacks and ensuing losses, IT security is now viewed as the difference between an organization's ability to carry out its mission and going out of business. This is why security is a topic frequently appearing on board meeting agendas and piquing the interest of C-suite executives.

While funding and awareness have increased, it is unclear if organizations are making investments in keeping up with the evolving security landscape. A lot of the newly available funding and resources have been allocated to the existing funding gaps and "perceived" deficiencies in an organization's security posture. This is why IT security is a $58B market today but organizations are not any safer than they were a few years ago. In this slideshow, Shel Sharma, marketing manager at security startup Cyphort, discusses the evolution in the security landscape and how to align new security budgets and resources with this new paradigm vs. investing in more of the same old security.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

Privacy rollback Security Pros Give Their Opinions on ISP Data Privacy Rollback

IT staff, organization leaders, and the average citizen have all expressed levels of concern over the FCC about-face in regard to ISP privacy. Here’s what the security experts say. ...  More >>

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.