Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Risk Monitoring Provides Second Line of Enterprise Defence

InfoSecurity Europe : 05 March, 2010  (Technical Article)
Reed Henry of ArcSight explains the importance of enterprise threat and risk monitoring for the protection of critical business data and processes
See our events guide listing for more details

The perfect storm is upon us as sophisticated cyber criminals attack unprepared businesses. Today's cyber criminals have evolved their skills and techniques to such an extent that they can breach the network of any company at will. The secure perimeter protecting a business has become a thing of the past as cyber criminals target business after business to steal valuable data or threaten critical infrastructure.
CIOs and IT directors must recognise that they can no longer depend on perimeter protections to keep their assets safe. They must put in place a second line of defense that provides early detection and response to these breaches so the damage can be quickly contained and cyber criminals deterred. The 2008 Verizon Breach Study Report showed that 74 percent of the data breaches took weeks to months to detect and 69 percent were discovered by third parties - not by the company breached.

What are companies doing?

At the moment, very little, Businesses are complacent when it comes to the security risks they face. Because there is little public news of big data breaches or fraud incidents and relatively light regulatory pressures, security remains a low priority. According to Gartner, CIOs place security eighth on the technology priority list.
The top focus is on streamlining processes, deploying Web 2.0 technologies, and sharing data and applications with partners and customers. While this focus makes the business more competitive and adaptive, businesses are unknowingly introducing new vulnerabilities and risks into their environment that make it more difficult to head off the highly sophisticated cyber threats.

With these ongoing initiatives, companies have and are continuing to open up their four walls to collaborate with supply chains, customers, partners, outsourcers, consultants and remote workers. In this open and collaborative world, it is critical to know who is on the network, what data they are viewing and what actions they are taking.

How should companies respond?

Companies can't stop these mission critical projects as they are vital to their corporate well being. CIOs need to make IT security a priority and a new second line of defence must be drawn. As the secured perimeter fades into history, the new line of defence is an enterprise threat and risk monitoring platform that protects enterprises against threats and risks across all parts of the enterprise. In addition to protecting against malicious external attacks, malware attacks, network security incidents, and compliance violations, it must include monitoring of user activity that involves role, entitlement, policy violations, sensitive and classified data usage that is abnormal or unauthorized, and critical transactions that are fraudulent or violate segregation of duty policies.

How it all works

Cyber criminals and their tools of trade will leave a trail of digital fingerprints wherever they go. These fingerprint show up in log files and flows that can be collected and correlated against other log files (fingerprints) to detect the telltale signs that something is amiss, so rapid action can be taken.

Nowadays businesses can no longer be complacent to the security risks they face today. If these risks are ignored, the cyber criminals could do more harm to a business in a single attack than good is being done by all the high priority IT projects combined. Enterprise threat and risk monitoring will provide the necessary second line of defence to secure critical business processes, data, infrastructure, and customer and partner interactions, and in doing so, quiet the perfect storm.

ArcSight is exhibiting at Infosecurity Europe 2010, the No. 1 industry event in Europe held on 27th - 29th April in its new venue Earl's Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo