When it comes to IT security, there has been a palpable shift in philosophy in the last year. Instead of focusing on defending the network perimeter, IT organizations are assuming that to one degree or another, their systems have already been compromised. The real issue is not only how quickly those attacks can be discovered, but also how fast they can be remediated.
Looking to close that IT security loop, Bit9 announced that it has acquired Carbon Black, a provider of an automated IT security incidence response system. Bit9 CEO Patrick Morley says rather than focusing on the network, the primary Bit9 mission is to secure endpoints and servers where the data that is being compromised resides.
Carbon Black, says Morley, extends that capability by giving customers the tools they need to respond to the inevitable compromise. That’s critical, says Morley, because most sophisticated security attacks take a while to perpetrate, which means IT organizations should be able to discover many of the tell-tale signs of a cyberattack while it’s in progress.
Bit9 is hardly the only security vendor trying to create a closed-loop system that not only protects assets, but also provides the tools for discovering threats and ultimately remediating vulnerabilities. But rather than throwing a bunch of expensive IT services at that effort, Morley says Bit9 wants to pursue a more automated approach that ultimately reins in IT security costs. To that end, Bit9 also announced that it has secured an additional $38.25 million in funding to execute that vision.
The IT security standard that organizations are being to held to is quickly evolving. It’s no longer enough to have firewalls and antivirus software installed; organizations will soon also be held accountable for how quickly they respond to the inevitable compromise.
The good news is that the quickening the pace at which organizations respond to attacks not only helps limit damages, it also makes it less profitable for purveyors of malware to launch an attack in the first place. Security threats, of course, will always be with us. Right now, though, very few economic deterrents prevent someone from launching an attack. But the right combination of analytics and incidence response systems can go a long way toward making it less economically attractive to even attempt an attack.