Today's Information Security Trends

by: Gsmyth

According to security specialists, "Security practitioners must escape the ineffective, reactive loop of traditional approaches by proactively engaging with business units, getting involved earlier in the information technology (IT) development lifecycle, and including more deterrence and preventive measures in the protection posture."

The best way to achieve this is to be proactive in dealing with today's information security challenges. Being proactive means acting in advance to deal with an expected difficulty.

1) Proactivity is the key.

Mass collaboration is a new social, business and technology trend that has changed the global marketplace, but at the same time it has also opened up a host of non-traditional security threats.

An "open" global marketplace, however, has a profound effect on IT security. According to a recently released specialist research report, "Attacks are quieter and more targeted than they used to be. They tend to be better crafted and more effective than broad-spectrum virus or worm attacks ... and the level of damage is greater."

The best way to protect yourself is to integrate security into all technologies and devices and create a secure infrastructure. Chief Security Officers need to become more proactive, starting with business planning and by ensuring that information security is a priority on boardroom agendas.

2) De-perimeterisation.

Wikipedia defines De-perimeterisation as "a concept/strategy used to describe protecting an organisation's systems and data on multiple levels by using a mixture of encryption, inherently-secure computer protocols, inherently-secure computer systems and data-level authentication, rather than the reliance of an organisation on its (network) boundary to the Internet."

2.1) Proactive steps to address de-perimeterisation

2.1.A) Use perimeter control points to surround sensitive collections of resources.

Create control points where they are needed: on the network, hosts or sometimes around the content. Also create perimeters around various subsets of the user population on the network level, or around the data centre in specific geographic locations, or even virtual perimeters around business unit IT resources.

2.1.B) Deploy your control points depending on your business requirements.

Adopt a combined architecture approach to security by including an appropriate balance of perimeter, identity, endpoint and content control points.

2.1.C) Develop a holistic architecture that includes an appropriate balance of perimeter, identity, endpoint and content control points.

Organisations need to develop their own architectures and models, and insert products as necessary when they are good fits.

3) OS Security

Operating systems are no longer a specific entity with constraints that we can think about in simplistic security terms. Their complexity comes from layering and embedding functionality and sharing libraries and device drivers.

3.1) Proactive steps to address OS security

3.1.A) Slow down your patching.

3.1.B) Push for more information sharing among anti-malware vendors, and between customer organisations and vendors, to build better, real-time active lists of malware and other problems out there.

3.1.C) Consider host intrusion prevention systems (HIPS) and application control.

3.1.D) Consider deploying NAC, TPM-based volume encryption and other protection technologies that will move into the mainstream over the next few years. Think management of assets and configurations instead of compromised systems.

4) Information-centric security

An information-centric architecture requires proactive discovery and classification, engagement with the business, as well as layered protection. The real issue is "Which users have access to information, and what are they supposed to do with it?"

4.1) Proactive steps to address information-centric security

4.1.A) Engage business and legal teams to understand specific information characteristics and life cycles.

4.1.B) Encryption should be targeted and well managed.

5) Compliance

Regulations are in some respects similar to an attack on the enterprise, and are indistinguishable from other types of threats in that they create a negative impact. A compliance response tries to control the risk created by the regulation. The response drives up costs and places pressure on competitiveness.

5.1) Proactive steps to address compliance

5.1.A) Create a strategic security programme that is inherently compliant.

5.1.B) Change compliance processes slowly; rules may change as quickly as necessary.

5.1.C) Engage the legal team early and intimately, and create a defined communications channel and escalation process between legal, compliance and IT groups.

6) Creating a Secure Infrastructure

Security solution providers should utilise in-depth knowledge of the converged network and all its vulnerabilities, opportunities and challenges, to plan, build, support and manage a secure infrastructure for their clients - an infrastructure that is secure and adaptable enough to support clients' business applications, core network and information, today, tomorrow and beyond.

To achieve a secure infrastructure, consider the following areas:

6.1) Perimeter Security

6.2) Intrusion Management

6.3) Content Security

6.4) Access Management