A more prudent approach for an organization is not to purchase every defense technology available or that it can afford, but rather, concentrate on ensuring that those that are acquired meet the needs of the organization’s operations and infrastructure. Data collected from IDS alerts, endpoint solutions, and intelligence feeds must not serve as independent and unrelated sources of information but integrate with one another in a synchronous complement in order to better inform network defenders and enrich the security environment as a whole.
This is increasingly important as hostile activity continues to increase and manifest into a significant number of alerts that are registered on a daily basis. Being able to collect, assign value, and prioritize this information is the new challenge that must be addressed. It is our new security reality.
Therefore we are entering a new evolution in cyber security “best practices.” While defense-in-depth remains a popular approach, the seamless integration of security products is fast becoming the priority as customers look to adopt different devices from different vendors. The more these devices can be assimilated, the better-positioned organizations will be to quickly detect, mitigate, and maintain their resiliency to attacks.
In this regard, customers may be helping drive this new evolution. Those products that can’t work together by design and function may find themselves spurned in favor of those that do. Because in the end a recurring theme within the cyber security is that it must be a collaborative effort; whether via the sharing of timely threat information between private and public sectors, or the ability to work across platforms. No one device has succeeded in getting the job done alone. It’s time for the cyber security industry to step up collectively, integrate, and do its part.
Sign up for MIS Asia eNewsletters.