Despite increasing concerns over the safeguarding of corporate and client information databases and a global drive towards stronger regulation regarding privacy, many businesses have only limited capabilities in place to detect and react to point-in-time breaches.
“Chief IT officers today need to be more than just stewards of the business and strategists. They have to be aware of the potentially disruptive capabilities of cloud, social computing and mobility that are changing the world of business and transforming how business is done.
CIOs should also be cognisant of the fact that the majority of vulnerabilities facing corporates are assessed and acted upon according to past events.
“They are not based on emerging cyber-threats or on the actual risk profile of organisations. Protecting vital information assets demands a ‘cyber approach’ that covers a full spectrum of functional issues. A ‘protect the perimeter and respond when attacked’ mentality is no longer sufficient.
“Cyber intelligence today represents a vastly more sophisticated and full set of threat management tactics. They take the vital step of providing tools to move to a more proactive threat awareness posture that looks beyond existing corporate horizons,” said White, adding that cyber intelligence, for full effectiveness, should be considered over three areas in 2011 and into the future, namely:
White encouraged IT professionals to move away from perimeter intrusion and protection, identity and access management solutions, manual technology solutions and the traditional role of the Chief Information Security Officer as a technologist with deep domain knowledge, but without a seat in the boardroom.
“Cyber security is now increasingly framed as a combination of architecture, practices and processes, with equal focus demanded on internal and external threats.”
“Highly integrated tool sets and investments in cyber analytics have helped identify previously undetectable exposures. Automatic identity management tools are incorporated into day-to-day tasks, including smart cards, biometrics, and fingerprint and handprint scanners. As befits the changing demands of the environment, the role of the CSO has also changed, demanding a blend technology and leadership skills.”
The challenges associated with cyber forensics are based on the premise that incident investigations would conclude once root-cause analysis had taken place. Organisations need to approach this from a more holistic viewpoint added White.
“Cyber forensics is now looking at the network layer and determining the source of malware. This is correlated with other internal and known external threats using cyber analytics in an attempt to inform of future vulnerabilities”.
Cyber analytics, said White, has now morphed from a reactive solution to one which is based upon prediction and continuous refinement.
“Cyber analytics in 2011 is an established tradecraft of analytics, reinforced by the realisation that threats and opportunities are often hidden in plain sight” White added.