In today's "new normal" world of information security to keep yesterday approaches, the bad guys have been made effectively useless. Simply put, It is my opinion that it is no longer possible to protect your personal information or your company's intellectual property by a reactive strategy is maintained.
multiply as traditional volumes decrease in size, but with each new mobile device or IoT connected endpoint, the aggregated threat vector increases, whereby traditional methods completely ineffective.
It's time to tear up the playbook and rethink how to move with proactive attitude - one that should be regarded as an imperative, not a nice-to-have
was in the heart of many of the best examples of modern, effective security postures that I have seen. the concept of using intelligence to assist the desired results of each of the key cornerstones go, Deter, Detect, Respond, Remediate. as in the physical world, we search for law enforcement and government agencies use intelligence to protect them from harm, we must embrace the same philosophies in the virtual world - we are the cyber war in a relentless state and we must prepare for the ongoing battle to out-think and out-smarting the enemy.
prevention is a pound of cure. - Benjamin Frankin
With respect to the role that intelligence plays in the new normal, I think it as a combination of Human & Artificial -. each with a key role and each as important as the others to play in the successful implementation of a progressive, adaptive security situation
Human Intelligence - this is a frequently neglected, yet critical part of line of defense. It is a game of hearts and minds, and each organization has its employees, contractors and partners see as an extension of their firewall. For human intelligence element to be effective, companies must commit deliberately the boundaries between personal (home) and corporate (in-office) blur safety - design scenarios and exercises that social engineering or phishing attacks and the use of these results imitate consistently to address gaps in how those employees, contractors and partners behave and handle suspicious scenarios.
targeted use The rapid growth in ransomware where attackers seek social engineering techniques to "lock" files with their own encryption and unencrypt to provide sum of keys available strong demand, on the front of newspapers called the world and is another example of why it is important to educate, educate, educate.
Artificial Intelligence - this is a new paradigm, and perhaps the best weapon, any organization could have in today's rapidly changing threat landscape. Collecting, analyzing and acting on the system and log information is of fundamental importance to the "Hand-to-hand combat" approach, which is to keep the bad actors in check required. Attackers use more traditional methods to break through firewalls; they are much more sophisticated and advanced persistent threat tactics - which may include dormant leave for months at a time, Remote Access Trojans - so it is important to have an "East-West" Add view to the existing "North-to accompany the South" view so that lateral movement of data and network activity can also be measured and evaluated.
key uses an artificial intelligence approach that is able to derive anomalies from the vast amounts of information that are recorded in log management solutions and security information and event management (SIEM) systems. The use of readily available machine learning techniques can anomaly detection algorithms help an organization provide, provide "X-ray vision" in activities on their corporate networks and an advantage over the attacker.
As CTO, it is a question, which arises from the customers and over again.
"What advice would you give us about where we spend our time, effort and money should prevent or quickly identify and remediate threats"
is My answer always the same, regardless of the customer or the industry: "the fact that many organizations go months"
. Indicators of compromise "- that is the rethinking you must quickly identify" indicators of attack "and you have to act like you have been injured before they realize that they have been compromised means that there are enough tools do not exist Adopted. , you are just now at risk today and then think about how it architect segmentation on access, network, application and data level. you also need more visibility to determine a basis for which activity is valid, ie. bandwidth usage, the users connect, typically communicate from where, the networks at what times and what the normal traffic, so that abnormal traffic can be use out "x-ray" vision. for example, an opportunity to see the attacks on Web applications to win with NetScaler Security Insight, using the application firewall feature to better identify and prioritize attacks for more effective triage. Security Insight analyzes the NetScaler configuration and highlight inconsistencies that weaken the security situation. "
At Citrix, we're fanatical about security and are eager to help a portfolio of solutions-across the entire enterprise to provide that our customers address their security and compliance requirements and maintain their data secure in transit, in use and at-rest.
0 Komentar