Network Computing is part of the Informa Tech Division of Informa PLC


Secure to the Core: Page 6 of 11

The next step is a big one for most security staffs, and ingrained legacy security models can present large obstacles. Many of today's infosec strategies are rooted in concepts developed decades ago, and while these concepts still apply to components of a successful program, they do not provide the framework for a holistic security model. They certainly don't incorporate the triage concept.

So should corporations stop purchasing firewalls? Should they move users into their DMZs and ditch their network IDSs?

Certainly not. However, they should move many of the tools and techniques used at the perimeter closer to critical assets. Organizations would be wise to invest some energy in first determining what they are protecting, then analyzing how best to protect it.

Greg Shipley is the CTO for Chicago-based security consultancy Neohapsis. Write to him at [email protected].

Think publicly reported monetary costs of intrusions are chilling? Consider this: According to 8,100 global technology and security professionals polled by InformationWeek, only 18 percent report incidents to CERT or government authorities, and only 14 percent keep business partners in the loop.

If you have not yet crafted an asset-centric, defense-in-depth strategy, this is your wake-up call. Organizations don't need more expensive security controls; they need more effective ones. A few points can help the process: A holistic approach that balances policy, process and technology is paramount. We must become less perimeter-centric and more asset-centric, because the reality is, we can't protect it all. Bulletproof security does not exist.