Company security measures often 'knee jerk' reactions

Identity and device management for the cloud and mobile enterprise firm, Okta, has recently published an interesting report which says, among other things, that 65 per cent of IT security professionals expect to be hit by a cyber-attack in the next 12 months.

Being such a grim prediction, it has spurred a lot of thought. Vice president of technology at NSFOCUS IB, Richard Meeus, said security measures are often 'knee-jerk reactions' to breaches or media fanfare.

"In these cases they are often no more than just a plaster as opposed to curing the problem. This is when it will harm productivity and users become frustrated. Having a defined security policy and working with trusted partners helps organisations to deploy effective security seamlessly,” he said.

For Brian Lang, VP of Lastline, the biggest problem is in the victims’ slow reactions.

“Most organisations recognise that they face a grave cybersecurity threat but have been too slow to react and often their response is piecemeal and tactical. Critical to successfully addressing this challenge is the recognition that the threat is continually evolving to exploit the weakest link in their defences whether that is through employees or systems or both. Achieving improved levels of cybersecurity requires rapid detection and response to attacks which means that organisations must harden their employees as well deploy integrated security solutions that provide security analysts with actionable information rather than drowning them in data,” he said.

With this understanding some of the critical improvements in enterprise security can be understood. Success will require acknowledging that employees play a role in the solution and provide them with education and training to ensure they are as vigilant as possible. With respect to security solutions they must then correctly identify threats, provide superior visibility into attacks, allow for immediate remediation throughout the entire enterprise and then provide basic information sharing so that all organisations can gain insights from the challenges they each are facing.”

For Firemon’s VP, Michael Callahan, the problem lies in the lack of a quality workforce. The skills shortage makes all the difference in the world.

“I don’t think we’re failing as much as we don’t have enough skilled people and you need to supplant that through automation tools that help you manage the complex environments. Companies are increasingly looking to security management vendors to address both of these concerns. I’m surprised it’s not higher than 65 per cent but maybe it has to do with how you define serious,” he said.

“I think most leaders believe they will experience some sort of breach. We don’t have a technology problem. There are many, many security technologies. The issue is how do you effectively manage these solutions in an increasingly complex environment. The answer is to take advantage of security management tools that see the entire infrastructure and can automate change, find risks and simulate the effect of changes.”

Image Credit: Tolga TEZCAN / Shutterstock