
Computer Security Teams Face Many Challenges

March 5, 2018

This week, I start a new series on computer security. My focus is on today’s security threats and the steps that should be taken by companies to secure their assets. The phrase “computer security” is the broadest way to label security as it pertains to a computer system—hardware, software, people, procedures and data. In the upcoming series of posts, I’ll make a broad survey of the topic but for this first post–what is the right way to begin a discussion on computer security? 

What Does It Take to Build a Healthy Security Environment?
It’s useful to start this discussion by examining a security service from a leading services and software provider. What language do they use in their discussion? What challenges do they examine and what strategies are proposed to address the challenges? IBM Security has an approach that provides a good framework for a quick survey of today’s challenges and ways to address them.  
 
Security Requires an Integrated and Intelligent Approach 
The desire for integration is not new in IT, and the absence of integration in a solution is immediately evident. Integration of a security approach is important because security threats can enter a computing system from multiple sources, like a mobile device or other endpoint. Regardless of the source, preventive maintenance and incident handling should be carried out in a cohesive way that does not consider just the first source of the threat.
 
The idea of intelligence in an IT system is emerging rapidly. Having security intelligence as part of the security profile is important, and intelligent security software is a tool for providing it. It's used to keep up with the volume of known threats, as well as to handle new and unknown threats. Handling unknown threats is a strategic advantage if you can achieve it.
 
Integration is a key attribute of an effective security system; intelligence is a strategic way to proactively prevent, detect and react to known and new threats. Both of these attributes must be part of a future solution. How do you get to a better future if your current approach is missing the mark?
 
Steps to Take to Improve Your IT Organization’s Security Posture
Start by making the necessary changes. Do you have a security strategy? If not, create one. By creating a strategy, you identify the actions to take to carry it out. This is important. Do you have the right skills? Maybe the right first step in building the strategy is to get help. Bring in some expertise and get off to the right start in this project.
 
As part of the strategy work, you'll identify big ideas that will help you make a difference, such as reducing complexity to increase productivity. If you have been in IT for a few years, you know that complexity abounds. What actions can you take to reduce it? Can you reduce the kinds or classes of devices being supported and secured, or can you manage multiple different kinds of devices with the same toolset? This is one idea for reducing complexity.
 
As part of your strategy work, address the question: do I need to build and staff a cognitive security operations center (SOC)? Why this question? Security is complex and challenging to get right, and it exposes individuals and companies to significant risk. If you centralize the skills and procedures, does this help you do a better job of proactively stopping problems and addressing them when they arise? It's important to know that establishing and operating a SOC can be expensive and challenging, so organizations should have a good reason, like complying with industry or government rules, to develop one.
 
Next, a Focus on Computer Security Hardware
Next week, I’ll continue the computer security topic with a focus on computer security hardware. An example of computer security hardware is a hardware security module or HSM (a physical computing device) that protects and manages digital keys for strong authentication and provides cryptoprocessing. HSMs can come in the form of a plug-in card or an external device that attaches directly to a computer or network server. One advantage of these devices is that they typically perform faster than software alternatives and can make a big difference in application performance depending on how the application using security was written. 
 
