NEW YORK, Jan. 15, 2015 /PRNewswire/ -- Dimension Data, the $6 billion global ICT services and solutions provider, today announced that security 'fire drills' supported by executive management and the risk committees should be conducted regularly by organizations in order to understand the appropriate course of action in advance of a security breach. Neil Campbell, group general manager for Dimension Data's security business unit, points out that technologies and services focused on incident response – rather than just incident prevention – should be one of the trends high on the agendas of security professionals in 2015.
This is the top trend on the list of Dimension Data's team of security experts, following daily interactions with clients. Data breaches such as the March 2014 Target hack – the biggest retail hack in U.S. history – as well as allegations of state-sponsored hacking, are a strong warning that organizations need to move beyond focusing purely on the prevention of security incidents, and start to concentrate on what they will do when an incident occurs.
"It's inevitable that security incidents will occur. Therefore, it's critical that organizations begin to focus on identifying what we call 'indicators of compromise', putting a comprehensive incident response plan in place, and performing regular IT security fire drills," explains Campbell. He explains that regular fire drills – or rehearsals – will ensure that in the event of an incident, IT and management teams are clear about what needs to be done, and as a result, the business is less at risk. This includes recovering evidence, identifying and resolving the root cause of the incident (not just the symptoms), and undertaking a forensic investigation.
So what other issues are on the watch-list in 2015 for IT security professionals?
Matt Gyde, Dimension Data group executive – security business unit, says, "We've identified what we believe to be five of the most significant trends in our industry for 2015. These are not the only areas where change is occurring, but they certainly warrant discussion."
He points out that a trend that did not make the top five but is closely linked to the list is the use of data and machine learning. When coupled with human interaction, these can create actionable and contextualized intelligence. Gyde says, "This enables organizations to make rapid decisions on how to protect themselves against a pending attack, how to respond during the attack, and what action to take post-attack."
¹ In the Target hacking incident, signs of the hack showed up in the company's event monitoring systems, but there were too many alerts overall and the importance of these signs was missed. It is important to note that the CIO and then the CEO were dismissed over this incident.
Trend # 2 - Managed security services move front and center
For most businesses, identifying IT security incidents swiftly requires 24/7 coverage of the network environment. This can be costly; IT security professionals are scarce and require regular training to keep abreast of ever-evolving technologies. However, there's a drawback to the insourcing model. Campbell explains that to become truly proactive about incident response, organizations need visibility of other networks and to be kept abreast of attacks occurring elsewhere.
Gyde agrees that in recent years, security management and monitoring have become more complex and time-consuming. Today, you need to prevent what you can, and manage the inevitable compromises. This means optimizing your detection and response capabilities. Many businesses lack the skills required to detect and effectively respond to threats in this manner.
Gyde goes on to explain, "Managed security services providers have teams of security professionals focused exclusively on identifying potential malware and monitoring thousands of clients' networks for precursors to denial-of-service attacks. Incidents don't happen out of the blue: usually there's 'chatter' on the popular 'dark Web' channels beforehand. Dimension Data, for example, monitors these channels very closely which significantly increases the likelihood that we can forewarn our clients ahead of impending attacks."
Trend # 3 - IT security gets cloudy
Both Campbell and Gyde predict a continued increase in the adoption of cloud services for security in 2015. This holds true for software-as-a-service (SaaS) solutions, such as secure Web proxy, and secure email in the cloud. These solutions are particularly attractive as the implementation effort is negligible – you're simply redirecting traffic to take advantage of the service through a consumption-based model. And the services are highly scalable. If you need to support 20,000 users today and you acquire a company and your headcount suddenly increases to 30,000 in six months, you simply amend your licence agreement, and your new employees will be up and running immediately.
Application security in the cloud and cloud-based, distributed denial-of-service controls such as those offered by Akamai are other areas of growing interest.
Security of the cloud will become increasingly important as more organizations move their workloads to the cloud. Campbell says, "It's no good adopting this model only to be told by your auditors a year later that your cloud provider's security protocols aren't up to scratch. I believe we'll see cloud providers investing heavily in building rich network architectures that support the gamut of security controls, so that they can assure their clients that enterprise-grade security technologies are being applied to their workloads."
Gyde agrees that there is still some work to be done within the cloud industry and security. The most secure platforms in the world can still be compromised by human error or poor management. Another area that needs attention is integration with existing organizational policies and processes. "It's very easy for start-up companies to transition to the cloud as they have no legacy physical infrastructure and can implement 'greenfield' security controls. Larger, more established businesses find the prospect of cloud more daunting, as they're unsure of how to adapt their security controls, policies, and processes to this model," says Gyde.
Trend # 4 - From security technologies to secure platforms
2015 will also see the notion of security being a secure platform, rather than a series of point products or devices on the network, gaining traction. The expectation on security professionals will be to deliver a secure platform that allows the business to confidently run multiple applications in a secure environment.
Gyde says, "For many years, organizations typically bought multiple security products from different vendors. While this helped create 'defence in depth', it also introduced complexity and potential risk. After all, 95% of successful attacks may be attributed to human error, rather than technology."
Increasingly, organizations are weighing their risks and making buying decisions that aren't necessarily based on best-of-breed technology. Instead, they are adopting a pragmatic, risk-based approach in which they work with their existing infrastructure and partners to manage their risks to an acceptable level, rather than aiming for, but never achieving, 'perfect' security.
The concept of cloud and its pay-per-use model is also relevant to this discussion. Organizations want to replicate the consumption-based approach of cloud in an on-premise model, either independently owned, or owned by a trusted service provider or vendor. Increasingly, organizations prefer security partners that are prepared to take on some of the financial risk, while also offering a flexible service construct: for example, one that allows them to turn on a firewall at short notice to deal with a specific event, and then spin it down when the requirement has passed.
The notion of a secure platform directly relates to organizations' desire for a 'single pane of glass' through which to manage their security assets, delivered on premise, hosted, or as cloud infrastructure. Essentially, this enables robust security to follow an organization's applications, data, and workloads without any compromises or changes in technology or management being required. This approach also supports and aligns with enterprise mobility requirements for corporate data to be accessible to users anytime, anywhere, and from any place.
Trend # 5 - Endpoint security back in vogue
Campbell predicts a resurgence of interest in endpoint security in the industry. He says, "This is closely tied to the first trend we discussed – incident response – and the fact that some traditional network-based security controls aren't as effective as they used to be. Security professionals will be looking at devices – whether they are PCs, Macs, or smartphones – for indicators of compromise, and then enabling some form of incident response process. They'll deploy technologies to endpoints to make incident response easier."
Application control is also expected to re-emerge as a key focus area for 2015. However, emphasis will be on identifying malicious activity on the endpoint, rather than malicious code. "While user awareness of information security best practices is a key priority, at some point someone is going to click on something they shouldn't, so organizations must be proactive about managing the impact of such events," Campbell concludes.
About Dimension Data
Founded in 1983, Dimension Data plc is an ICT services and solutions provider that uses its technology expertise, global service delivery capability, and entrepreneurial spirit to accelerate the business ambitions of its clients. Dimension Data is a member of the NTT Group. Visit us at http://www.dimensiondata.com/en-US and www.facebook.com/DimensionDataAmericas or follow us on Twitter: @DimensionDataAM.
SOURCE Dimension Data