Information is the lifeblood of any organisation today. Moreover, the ability to analyse and apply information strategically is critical to the survival strategies of most industries and sectors, says Andrew Chester, chief information security officer at Ukuvuma Solutions.
When users consider the extent to which information security has matured and what is now available to practically any company, clearly security within the commercial sense has evolved into a dynamic and highly interesting phase of development.
There are many signature phrases that help differentiate and define information security. Phrases like unified threat management (UTM) have represented the move toward more intelligent security services, or that which is based on the combination of physical and logical security controls.
Given that UTM was predominantly used for border, or perimeter, security within a networked environment, users are seeing a few “leaders” and “visionaries” within the security manufacturing field produce the next set of important technologies – these pieces of tech being namely next-generation devices with identity-integrated UTM.
Security and IT professionals can now start moving away from “old IP-based technology”, and move toward identity based technology which follows just that – the identity and behaviour of a service, or person and inspects that behaviour on a level which IP-based technology cannot comprehend at all.
It is a logical level, one which has the aim to surpass traditional methods of detection and security and move into an even more intelligent realm – the human realm. This is the largest threat to any cyber- or information security initiative.
One of the only hurdles in this new realm is that only a few manufacturers currently have the vision to produce this next generation technology, others are still only further developing the traditional technology of building bigger walls with more traditional IP and policy-based features, thus only building larger walls out of different materials and not the old brick and mortar any longer.
But to what extent is the market aware of the relevance and power of converged security solutions? The simple answer is there is not extensive awareness.
The actual answer is that it completely depends on several factors – does the company have an information security (InfoSec) department? If not, do they have an InfoSec partner? If the answer to both of those questions is no, then the answer to the original question is “definitely not” and the actual question changes to “how long is that company still going to survive today?”
If the company has an InfoSec professional, department and/or partner – what do they base their decisions on and how much research and development do the InfoSec professionals do.
Information Security professionals who do not conduct research & development today are still basing decisions on the “building bigger walls” analogy mentioned earlier.
However, if they do practice even a reasonable amount of R&D then they will realise that it is not entirely about the benefits of converged solutions, let alone the solutions themselves – it is more about what answers and proactive information the converged solutions provide to users.
The largest threat in InfoSec is the human being and InfoSec professionals need to be able to proactively obtain and manage information in order to stop threats or limit existing threats to the smallest degree possible.
Converged solutions allow users to intelligently analyse what is happening within their environment (Chester uses the word environment because a closed network no longer exists), and proactively act on that information before it is too late.
Threat eliminating technologies follow the threat landscape trend and each manufacturer tries to envision what type of threat would be exploitable tomorrow and how are users going to prevent it.
Technological converged solutions, such as threat intelligence, next-generation UTMs and identity integrated technology, was born out of the advanced attacks and threat landscape users are subjected to today.
Chester imagines that more manufacturers are going to be working on developing the next phase of threat intelligence and other next-gen technology, perhaps combining threat intelligence with a better type of “learning” intelligent anomaly detection and prevention – thus moving away from the traditional filter and rule-based intrusion detection and prevention arena and into a self-adapting anomaly detection and self-sustaining prevention mechanisms which factors in traffic, data and service identity.
However, any organisation which simply implements technological solutions to guard them against InfoSec and cyber-threats will surely fail due to the adapting attackers which users will always face.