Evolution of technology has made us many times smarter, miles more efficient and able to deliver services and products that were unheard of a few decades ago. But it has brought with it its own threats and challenges. Information technology and, more recently, mobility technologies, the magic wand that miraculously provided rocket fuel to all our business processes, have sweat holes that can also leak away the entire future of the enterprise. Security concerns hit hardest where there is most to secure. Banks! Everybody’s money, all the transactions, billions of dollars’ worth of businesses, not to mention market standing, and trillions of dollars’ worth of savings can be eliminated in just one bug’s worth. A hacker, sitting in the remote innards of a countryside, can bring the world’s biggest financial systems, aviation systems, businesses and all activities to their knees.
We are all aware of the threats, and enterprises are becoming increasingly conscious of the fact that not strategizing for an Advanced Persistent Threat, or a lack of preparedness for a DDoS (Distributed Denial of Service) attack, can bring the entire business down. They also know that having policies and processes coupled with perimeter security appliances is not enough. While compliance requirements are driving the basic security framework, the ever-emerging and ever-evolving threats need more focused measures. And the current ad hoc measures, mostly knee-jerk and point solutions, add no muscle to the fight.
The focus has to shift from prevention to detection. Most enterprises have an extremely heterogeneous technological environment when it comes to security. Getting all this heterogeneity onto one platform, integrating it and analysing the situations would be difficult. The time is ripe for integration of security devices and measures. What will be needed then is a Security Information and Event Management (SIEM) solution that will help log, analyse, classify and assess data. Monitoring, analysis and response could all be centralised under a sharpshooting team: manned by skilled people, run by mature and tested processes, written in stone by an efficient and clearly defined governance structure and enabled by best-in-class technology. A Security Operations Center (SOC) built on a standard SIEM with an integrated vulnerability management system could well be the answer to the gnawing and growing security threats.