CYBERTHREAT
IN THE DIGITAL AGE
Is prevention possible?
The obvious question then
is whether prevention is possible. I think that most security professionals and
practitioners would agree that total prevention is not possible. This is
disheartening but also no different from any other major risk factor that we
have ever dealt with over time. So, the real question is whether prevention is
possible to the point where the incidence of successful attacks is reduced to
something manageable from a risk perspective. I believe that this is possible
over time. In order to achieve this outcome, it is imperative that cost
leverage is gained in the cyber battle. This leverage can be attained by
managing the cyber risk to an organization through the continual improvement
and coordination of several key elements: technology, process and people, and
intelligence sharing.
Technology
It is very apparent that traditional or legacy security technology is failing at an
alarming rate. There are three primary reasons for this:
The first is that networks have been built up
over a long period of time and often are very complicated in nature, consisting
of security technology that has been developed and deployed in a point product,
siloed approach. In other words, a security “solution” in a traditional network
architecture of any size consists of multiple point products from many
different vendors, all designed to do one specific task, having no ability to
inform or collaborate with other products. This means that the security posture
of the network is only as “smart” overall as the least smart device or
offering. Also, to the extent that any of the thousands of daily threats is
successfully detected, protection is highly manual in nature because there is
no capability to automatically coordinate or communicate with other
capabilities in the network, let alone with other networks not in your organization.
Second, these multiple point solutions
are often based on decades-old technology, like stateful inspection, which
was useful in the late 1990s but is totally incapable of providing security
capabilities for today’s attack landscape.
And third, the concept of a
“network” has morphed, and continues to do so at a rapid pace, into something
amorphous in nature: the Internet of Things and other macro technology trends
leave security professionals with less and less control
over data.
In conclusion:
In the face of these
challenges, it is critical that a few things are true in the security
architecture of the future:
First is that advanced security
systems designed on definitive knowledge of what and who is using the network
be deployed. In other words, no guessing. Second is that these capabilities be
as natively integrated as possible into a platform such that any action by any
capability results in an automatic reprogramming of the other capabilities. Third
is that this platform must also be part of a larger, global ecosystem that
enables a constant and near-real-time sharing of attack information that can be
used to immediately apply protections preventing other organizations in the
ecosystem from falling victim to the same or similar attacks.
By: ULAYA SIJALI A. (BAPRM 42681)