Cybersecurity
Issues of Today, a Path for Tomorrow
by
Book Cover & Preview Text
My conclusion is that information security is seriously struggling to meet the requirements expected of it. There is a constant churn of security companies and organizations working to extend existing products, or create new ones to try to address old and new security issues and discovered holes. This process reminds me of the proverbial elephant in the room, with everyone trying to identify what it is while blindfolded and only being able to touch one obscure part of its body. As we’ve all found in many high profile attacks, the difficulty of identifying the failures are also hidden because the organizations are dealing with the complexity of their own environments that only give them tunnel views into a situation which comes from a dearth of tools that can actually deliver visibility into the issues. When you then included the stealth and obfuscation used by hackers to further their aims which also take advantage of security and network complexity as well as yet to be discovered security issues, one can understand not knowing the look of the elephant. And these issues continue to be exacerbated by an ever more complex and overwhelmingly active computing and security environment. All of this further blindfolds security’s ability to either spot a perpetrator chase down what the perpetrator is trying to do, or simple try to assess where they are currently in the organizations network. So not only is everyone trying to identify the elephant by touching one part at a time, the elephant also continues to move and change position, so no one can pin anything consistently down even if they did finally figure out a part they were touching. From a security standpoint the hacker is like a dancing elephant to the blindfolded audience, difficult to pin down but devastatingly effective at damaging an organization as they joyously steps on everything in its midst.
It is clearly difficult for any security organization or person, no matter how good it or they may be, to quickly develop a complete and overall picture of a hacker’s attack. This is even more difficult as most organizations have a difficult time establishing what an ideal condition or baseline state their systems and security should be. Without that, it’s difficult to clearly determine whether they are being effective, if so how effective, and if it may be failing, how. The fact is much of security continues to be a reactive, groping in the dark methodology to address attacks, with the hope that if something is discovered (while praying nothing will be discovered) that a rapid reaction can be applied effectively to block or clean out the threat. Historically security is a lot of targeted effort at a perceived threat based on what a defender can observe with their tools. Often these actions are a reasonable reaction to what is understood regarding a threat, but are often either too late or misaligned with the actual threat. This makes sense when one realizes how difficult it is to really pinpoint a threat in order to aim your protection perfectly at it, but the fact is many of these are just knee jerk reactions. The unfortunate aspect is that just because an organization has reacted to a perceived threat, doesn’t mean they’ve moved in the best direction either at that moment, or for the longer term. Unfortunately this doesn’t scale well with the increasing complexity of networks. The growth of potential areas for compromise has grown exponentially and methods and tools have still been more about a knee jerk reaction, just more frequently, with the frequency most likely simply decreasing the accuracy to an actual threat, which have become more systematic over the last five to ten years, taking advantage of the tendency of security to be reactive.
Formats
Book Details
About the Book
Organizations and security companies face tremendous obstacles to keep information safe yet available, regrettably the complexity of security impairs this goal.
Almost every day, we read headlines about breaches that devastate organizations, causing damage and continually reinforcing how arduous it is to create and maintain a solid defense.
Dan Reis, a cyber security professional with over 15 years in security discusses an array of issues, and explores topics organizations and security professional wrestle with to deploy and maintain a robust secure environment. Some views that hinder security’s efficacy:
That users can protect themselves and their organization
That IT security can see and make sense of everything happening in their network
Security complexity will decrease over time using current tools and methodologies
It’s no longer viable to continually add new product or features and expecting improvement in defenders abilities against capable attackers. Instead of adding yet another layer, solutions need to better utilize and make sense of all the data and information already available, but too often is latent intelligence that is lost in all the noise.
The book identifies some key issues as to why today’s security has difficulties. As well, it discusses how an area such as better visibility into existing information can create threat intelligence, enabling security and IT staff in their heroic efforts to protect valued information.
About the Author
Dan Reis has spent more than twenty-five years in the technology field in Silicon Valley. He was director of product marketing at Nokia Internet Security and director of product marketing at Trend Micro. He is currently the director of product marketing for a leading cyber intelligence company. He has earned a bachelor’s degree in economics, an MBA, and a master’s degree in information systems security.