Don't Let the IT Security Paradigm Shift Leave You Stranded

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12
Next Don't Let the IT Security Paradigm Shift Leave You Stranded-7 Next

Solution and Service Investments

This should be the biggest area of focus. When procuring new solutions or services, ask: Will this purchase enhance my understanding of new threats or is it just a better enforcement/policy mousetrap? When upgrading an existing security portfolio, seek solutions that are heavily tilted toward intelligence while providing the necessary policy/enforcement as simple add-ons or freebies. One example would be investment in endpoint AV software; instead of upgrading the existing AV software, see if it makes sense to use free AV solutions from reputed vendors and combine it with investment in next-generation network or endpoint malware detection and response tools.

Another area to look after is compliance. Compliance directives take years to catch up to the new realities. If required by the compliance directives, seek products that would also help in the "intelligence" bucket while satisfying the old compliance requirements. One example of this would be IDS/IPS products. Instead of investing further in these areas, look at network-based threat detection technologies that may provide this functionality as a simple add-on or base capability.

In general, if you are writing a large check for endpoint antivirus, Firewall, IDS/IPS etc., pause and ask if this investment improves your "intelligence" capabilities. If not, consider how this investment can be minimized in order to align the remaining funding with the security needs of today.

Security is a hot topic today. Only a few years ago, security was on the back burner of most IT departments, seen as a necessary evil with few executives ever exposed to it. With the recent spate of high-profile attacks and ensuing losses, IT security is now viewed as the difference between an organization's ability to carry out its mission and going out of business. This is why security is a topic frequently appearing on board meeting agendas and piquing the interest of C-suite executives.

While funding and awareness have increased, it is unclear if organizations are making investments in keeping up with the evolving security landscape. A lot of the newly available funding and resources have been allocated to the existing funding gaps and "perceived" deficiencies in an organization's security posture. This is why IT security is a $58B market today but organizations are not any safer than they were a few years ago. In this slideshow, Shel Sharma, marketing manager at security startup Cyphort, discusses the evolution in the security landscape and how to align new security budgets and resources with this new paradigm vs. investing in more of the same old security.


Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

More Slideshows

Social14-190x128.jpg 10 Ways to Improve Your Social Media Security Policy and Posture

When phone calls, video conference information, pictures, chat logs, etc. are all stored in a central location via social media, a potential hacker has access to just about everything, quickly and easily. ...  More >>

Security120-290x195 5 DDoS Myths Debunked

Unearth the real story behind five commonly held myths about distributed denial-of-service attacks. ...  More >>

Security119-190x128 8 Tips for Ensuring Employee Security Compliance

IT security ultimately depends on making sure employees use the appropriate tools and comply with policies designed to protect them and their data/applications. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.