How to Secure Against the Disruptive Change

CISOs on a security mission need to carry the mandate of conducting the primary audit of the enterprise's present security readiness.

The current generation of chief information security officers (CISOs) faces a growing number of next generation security threats that result in major risks. While information security trends showcase new threats, CISOs are expected to be on their toes to find ways to mitigate the risks and ensure security against all odds.

Next gen threats and risks of 2014
The primary challenge for CISOs, besides tackling economic challenges, is the avalanche of smart devices, which are bringing in new risks. An unprecedented number of users now access and consume enterprise network and online resources.

“Today’s sophisticated threats have a very elusive anatomy and target popular apps and OS as threat or attack vectors” 
--Abhilash Sonwane, Chief Technology Officer, Cyberoam Technologies

Within enterprise networks, with the arrival of super high-speed broadband and other connectivity options, business networks are shifting to gigabit platforms, and security must cope with this disruptive change. BYOD/mobility, virtualisation and cloud are creating security blind spots in organisational networks.

Moreover, today’s sophisticated threats have a very elusive anatomy and target popular apps and OS as threat/attack vectors.

How to Secure in 2014 

    1. Having the mandate to tackle myriad goals and responsibilities besides managing the security of the organisation, CISOs need to be open to tracking new trends.
    2. CISOs need to rise beyond their image of gatekeepers and become catalysts of productive change.
    3. CISOs need to establish ‘information security’ as an enabler for business transformation.
    4. The primary challenge for CISOs, besides tackling economic challenges, is the avalanche of smart devices, which are bringing in new risks.

Using social engineering methods, attackers easily trick unsuspecting users into visiting and downloading malicious content, such as advanced malware that enjoys a low detection rate and remains latent to do bigger harm, thereby putting sensitive data assets, credentials and user identities at increased risk.

Ways to mitigate risks 
Adopting solutions that provide the following can certainly help mitigate risks from next gen threats: integrated security; user-identity based controls; next-generation threat protection with app visibility and control; website filtering; a Web Application Firewall; SSL VPN to enable secure remote access; ready and easy support for regulatory compliance; and real-time situational awareness into network and user activities for incident management.

Best Security Practices
The scope and need for security varies from one organisation to another. In today’s dynamic environment, information and network security also need to be dynamic. As such, the best practices cannot be limited.

  1. For a CISO on a mission to secure the organisation from external and internal threats, the primary task is to conduct the audit of present security readiness.
  2. This includes identifying obsolete or traditional legacy systems that won’t dovetail with next generation transformation.
  3. Secondly, they need to understand what approach will ensure the organisation has a correct security posture.
  4. A CISO needs to evaluate investments and initiatives in disruptive technologies and trends like cloud and virtualisation. For example, before implementing virtualisation, they should ask themselves how this will change security. Consequently, they should figure out how they will turn disruptive into productive by being able to bridge security gaps.
  5. Regulatory compliance is no longer just a statutory aspect; it reflects an organisation’s willingness to make stronger commitments. Eventually, it’s about choosing security capabilities that are future-ready and will help organisations see more for their IT-driven business road-map.
