Stripping back security with 'less is more' approach

Today’s businesses have never spent more on cyber security, yet they’ve never been less protected. While the global security spend races towards $30 billion, breaches in UK businesses alone have shot up by almost 25 per cent in the past three years.

With profits of around £280 billion per year, cybercrime is now so lucrative that criminals have all the time and resources they need to learn your defensive systems and sculpt the perfect assault. Fast-moving IT trends like mobility and cloud have made this even easier by dramatically broadening the attack surface.

The highly skilled and motivated attackers opposing us only need to succeed once; your business needs to defend itself successfully every time. Unfortunately, it’s no longer a question of if you’ll be breached, but when and how badly.

No safety in numbers

Faced with such an alarming challenge, many businesses have concluded that “more is better”. Surely deploying more security devices, solutions and services must make you more secure? Well, no.

The average organisation already has over forty security solutions, which together generate a tsunami of logs it’s impossible to keep pace with. True, the potential to see security threats is there, but there’s so much information that businesses can’t accurately identify the real dangers and deploy the resources to fight them.

Here’s the problem: every security device drives detections based on a siloed perspective. Devices don’t talk to each other and they must all be managed from separate consoles. With such a fractured approach to security, it’s no surprise cybercriminals squeeze in through the cracks.

Don’t do more of the same

It’s time for a smarter approach to cyber security where ‘less is more’. You don’t need detailed information on every threat, or a product for every problem; you need to home in on the tiny percentage of threats that really matter to you.

Most security alerts aren’t worthy of action, but a select few demand your complete attention. The trick is to distil this critical handful from the millions of alerts, quickly and at lower cost. Fortunately, new technologies can do just that: analysing terabytes of data to extract vital security intelligence in real time.

By combining a deep view of your day-to-day network behaviour with threat intelligence from the outside world, you can build a comprehensive picture of your real-time security posture.

Then, through machine intelligence, automation and big data analytics, it’s possible to identify that critical 1 per cent of threats that could break your organisation.

But clever technology isn’t enough; you also need to apply the expertise of skilled security analysts to the problem. Top-tier specialists are expensive and time-poor, but by focusing them on the contextual output of smart technologies, they can efficiently analyse only the threats that matter and find a way to fight back.

When human and machine intelligence come together, cyber security can finally start to deliver. Fortunately, the cloud also makes consuming these advanced services feasible for any business - keeping costs low, agility high and ensuring the scalability to conquer any challenge.

Marty Legg, head of cloud services at SecureData.