Post breach security: CARM after the storm

Data breaches create fear within organisations and as a result, everything about an organisation's security strategy has always been focused on stopping breaches from happening. The inconvenient truth however is that breaches continue to happen. In fact, data breaches are becoming frequent and increasing in severity, and therefore we must accept that it is not a case of if a business will suffer a data breach as a result of a cyber attack, but simply when.

Breaches can be malicious or non-malicious but whatever the intent, any exposure or theft of business data, operational disruption or the "brand impact" is extremely costly. As a result, organisations are finding it increasingly difficult to invest in preventative measures, and still continue to be challenged around the post-breach scenario. With the volume of attacks causing a big data problem, it is left to un-skilled employees to address the issues, but still no one to clear up after the attack has taken place. Unfortunately, this is allowing response times to be too long and insufficient resources are delaying the appropriate remediation. It seems that little effort is left to complete a forensic study, or develop the regulatory/compliance reports, and managed mitigation is a fantasy.

Read more: Security compliance is necessary for real-time mobile data access

This has been the impetus for Exclusive Networks and its partners in security technology to create a platform capable of addressing the post-breach issues businesses face following a successful cyber attack: CARM (Cyber Attack Remediation & Mitigation) adds reaction to your existing detection and protection topologies. By implementing a process of defence, identification, response and remediation, CARM downgrades successful attacks into known threats.

By combining the best of breed capabilities of numerous vendors such as LogRhythm, FireEye, Palo Alto Networks, Bit9, Imperva and Fortinet, CARM helps address the key issues facing CISOs; lack of visibility, volume of incidents, classification of incidents, time to detect, time to contain and ultimately the minimisation of the attack's impact.

The real beauty of CARM is its flexibility to integrate even further with existing legacy vendor technologies already deployed. Whether that's firewalls, IPS, anti-malware etc., this means existing investments are not dead. CARM does not "rip and replace" but instead leverages previous investments which were designed for prevention purposes, to deliver a post-breach solution. And with CARM available to demonstrate as a live working platform, organisations can trial and build various scenarios to test the automation and rapid remediation benefits.Porthole Ad

- Quicker response, lower breach impact

- Better, more isolated breach fixes by virtue of its early warning system

- Easier, faster breach notification and forensics in spite of big data

- Fewer IT hours, no human error thanks to maximum automation

- Remediation learning eliminates repeat threats

- Significantly more cost-effective than adopting multiple technologies through any other model

The changing face of the security landscape is increasing the need for post-breach security and this is happening at the same time as innovative security vendors are coming to market with highly capable post-breach solutions. The CARM initiative is Exclusive Networks' way of making that process as easy for the market to adopt as possible.

Read more: Research suggests more than three-quarters of mobile apps to fail security tests by 2015

At Cyber Security EXPO, CARM will be one of the key themes with visitors able to discuss their challenges around post-breach security and what solutions are available to them. After all, if your organisation isn't thinking about the post-breach scenario now is the time to think differently. You already want to minimise costs in your business, so minimise the costs of an inevitable security breach! As the threat of cybercrime continues to grow, we can all learn from the analysis of hacking techniques. Numerous initiatives are available worldwide to connect companies to the latest thinking of hackers including The Cyber Hack, a new live open source security lab at this year's Cyber Security EXPO which will expose visitors to demonstrations and discussions of the latest attacks and identified risks.

Turn your attention to building capabilities that shorten the time to detect a breach and the time to contain it. Time is money; the longer a breach remains open, the more it will cost the business.

Graham Jones is UK country manager at Exclusive Networks.