Security Risk Management--the answer to your security prayers.


It used to be the case that only the most technical members of the IT department understood IT security. Viruses, Trojans and worms were not terms used outside the IT room, management did not yet worry about hackers or 'zombie' machines, and the board had no idea what a zero-day attack was, let alone how much damage it could cause. Now, with computers (and their attendant threats) a ubiquitous part of virtually every organisation, IT security has slowly but surely risen through the ranks to become the business-wide issue it deserves to be.

Familiar, traditional IT security solutions usually include as a minimum the ubiquitous firewall, plus anti-virus software and scanning, intrusion detection and identity management. But the range and scope of products available covers all different aspects of security, from the very specific to broad, network-wide prevention measures. In addition, most businesses using standard applications and software, for instance Windows, will also implement a programme of patch management. This ensures that the latest 'patches'--the IT equivalent of sticking-plasters--are applied to the server or users' computers to fix vulnerabilities inherent in the software. While these security solutions are without doubt better than nothing, and are often sufficient to protect the IT infrastructure in the main, they can also become a major headache for a business, its employees, and more specifically its IT department. Installing, implementing and maintaining the myriad solutions is usually an expensive and very time-consuming process. IT staff spend time applying patches or reconfiguring firewalls when they could more usefully be focusing their attention on profit-driving activities. Security needs are unlikely to be prioritised, leading to resources being wasted on inessential measures--and particularly in the case of patches, this lack of understanding can lead to 'vulnerabilities' being fixed unnecessarily.

The alternative, however, is worse: measures are not taken and the network is left vulnerable. Add to this the fact that virus warnings, patch updates and other security advisories are issued constantly, at an often incredible rate, and it is not surprising that businesses, and their IT departments in particular, have trouble keeping up--with potentially disastrous consequences. So what is the solution for businesses that want to protect their networks and machines in an effective and cost-efficient way? The answer is automation. Many of the solutions mentioned above can be, and frequently are, automated--patches are installed onto machines automatically, anti-virus software scans for known signatures of viruses and worms--and the IT manager simply has to sit back and let the whole process carry on without them. Unfortunately, this is never as straightforward as it seems. Certain types of security require frequent updates which have to be entered manually, while others are incompatible with particular systems and so need more careful monitoring. Security programmes, too, are often not intelligent enough to be relied on to deal with unusual or unexpected situations in the way that a human could. A rush of legitimate traffic to a website may be mistaken for an attack, or the legitimate addition of new software may be mistaken for a malicious intrusion.

To avoid these kinds of issues, what's needed is a more holistic approach that aligns security with business goals and manages risk more efficiently. Security Risk Management (SRM) is emerging as this missing link, helping translate the black art of security into compliance and risk terms that can be easily digested and documented. According to Forrester, "IT organisations have always scrambled to align IT with the business, but now there's a new scramble going on--in the area of risk and compliance management."

SECURITY RISK MANAGEMENT

Security Risk Management is defined by leading industry analysts as the complete process of understanding threats, prioritising vulnerabilities, limiting damage from potential attacks, and understanding the impact of proposed changes or patches on the target systems. SRM solutions integrate and automate multiple information sources and technologies required to implement an effective vulnerability management process--and add the analytics required to make more intelligent decisions to protect critical business assets before an attack ever occurs, while continuously proving and improving risk postures.

There are three key steps in the SRM process:

1.0 Risk Assessment: Risk assessment is the identification and evaluation of risk and its business impacts. An integrated security approach is required:

* Define the origins and profiles of various threats

* Collect and normalise vulnerability scanning data

* Collect routing and access information from firewalls and routers

* Define asset classification in business and compliance terms

2.0 Risk Mitigation: Risk mitigation involves prioritising, evaluating and implementing the appropriate risk-reduction measures recommended from the risk assessment process. A business impact analysis approach is required:

* Model vulnerabilities in context with network routing

* Perform attack simulation to uncover the weaknesses that pose the greatest potential harm to the business

* Calculate risk exposure metrics and establish benchmarks

* Analyse mitigation alternatives

3.0 Risk Measurement: Risk measurement determines the effectiveness of the action taken and continues the reassessment and mitigation cycle to minimise threats and vulnerabilities. A measured ROI approach is required:

* Perform 'what if' access and risk analysis

* Evaluate the cost benefits of countermeasures before deployment

* Issue workflow tickets to the change management systems

* Issue appropriate reports to security, IT operations, CISO, CIO, business owners, auditors

* Repeat and automate the data collection and analysis process to keep up with constant network infrastructure changes and the introduction of new threats
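The three steps above, carried through on constructed data as an added example (this is not code from the article or from Skybox Security): two scanner feeds in different formats are normalised into one record type, a firewall access policy and an asset classification are combined into a network model, an attack is simulated from the internet zone with pivoting through compromised hosts, each finding gets an exposure score, and a 'what if' function compares countermeasures before anything is deployed. Every host, zone, rule, scanner format and VULN-* identifier is invented for illustration, and the exposure formula (CVSS times asset criticality, divided by the number of hops an attacker needs) is an assumed toy metric, not a vendor's algorithm.

```python
"""Toy Security Risk Management model covering the three steps above:
normalise scan findings, model reachability through firewall rules,
simulate multi-hop attacks, score exposure and compare countermeasures.
Added example: every host, zone, rule, scanner format and VULN-* id is
constructed for illustration (none is a real system or CVE)."""
from collections import namedtuple

Finding = namedtuple("Finding", "host port vuln_id cvss")

# --- 1.0 Risk assessment: asset classification, access policy, scan data ---
ASSETS = {  # host -> (network zone, business criticality 1..5); constructed
    "web1": ("dmz", 3),
    "app1": ("app", 4),
    "db1":  ("data", 5),
    "hr1":  ("corp", 2),
}
# Allowed (src_zone, dst_zone, dst_port) flows collected from firewalls/routers.
RULES = {
    ("internet", "dmz", 443),
    ("dmz", "app", 8080),
    ("app", "data", 5432),
    ("corp", "app", 8080),
    ("corp", "data", 5432),
}
# Two scanners, two output formats (assumed shapes, constructed data).
SCANNER_A = [
    {"ip": "web1", "svc": "443/tcp", "id": "VULN-A-01", "score": "9.8"},
    {"ip": "app1", "svc": "8080/tcp", "id": "VULN-A-02", "score": "7.5"},
]
SCANNER_B = "db1;5432;VULN-B-01;8.1\nhr1;3389;VULN-B-02;9.0\n"


def normalise(scanner_a, scanner_b):
    """Collapse both feeds into uniform Finding records."""
    findings = [Finding(r["ip"], int(r["svc"].split("/")[0]), r["id"], float(r["score"]))
                for r in scanner_a]
    for line in scanner_b.strip().splitlines():
        host, port, vuln_id, score = line.split(";")
        findings.append(Finding(host, int(port), vuln_id, float(score)))
    return findings


# --- 2.0 Risk mitigation: attack simulation over the network model ---
def reachable(src_zone, host, port, rules):
    """Does the access policy let src_zone reach host:port?"""
    return (src_zone, ASSETS[host][0], port) in rules


def simulate(findings, rules, start="internet"):
    """Return {vuln_id: hops} for every finding an attacker starting in `start`
    can exploit, treating each compromised host as a pivot into its zone.
    Iterates to a fixed point so the shortest path wins (Bellman-Ford style)."""
    zones = {start: 0}          # zone -> hops needed to gain a foothold there
    exploited = {}
    changed = True
    while changed:
        changed = False
        for f in findings:
            hops = [h for z, h in zones.items() if reachable(z, f.host, f.port, rules)]
            if not hops:
                continue                     # no exposed path to this service
            best = min(hops) + 1
            if exploited.get(f.vuln_id, 99) > best:
                exploited[f.vuln_id] = best
                changed = True
            zone = ASSETS[f.host][0]
            if zones.get(zone, 99) > best:  # pivot: attacker now sits in this zone
                zones[zone] = best
                changed = True
    return exploited


def exposure(findings, rules):
    """Toy risk exposure metric: CVSS x asset criticality, divided by hops.
    Findings no attacker can reach score 0 and drop down the remediation list."""
    reach = simulate(findings, rules)
    return {f.vuln_id: (round(f.cvss * ASSETS[f.host][1] / reach[f.vuln_id], 1)
                        if f.vuln_id in reach else 0.0)
            for f in findings}


# --- 3.0 Risk measurement: 'what if' analysis of countermeasures ---
def what_if(findings, rules, patch=None, block_rule=None):
    """Total exposure after hypothetically patching one finding and/or
    removing one firewall rule, to rank countermeasures before deployment."""
    fs = [f for f in findings if f.vuln_id != patch]
    rs = rules - {block_rule}
    return round(sum(exposure(fs, rs).values()), 1)


if __name__ == "__main__":
    fs = normalise(SCANNER_A, SCANNER_B)
    ranked = sorted(exposure(fs, RULES).items(), key=lambda kv: -kv[1])
    print("remediation priority:", ranked)
    for label, kw in [("baseline", {}), ("patch VULN-A-01", {"patch": "VULN-A-01"}),
                      ("patch VULN-B-01", {"patch": "VULN-B-01"}),
                      ("block dmz->app", {"block_rule": ("dmz", "app", 8080)})]:
        print(f"{label:16s} total exposure = {what_if(fs, RULES, **kw)}")
```

Run stand-alone it prints the ranked list and four 'what if' totals. A plain CVSS-times-criticality ranking would put the database finding (8.1 x 5) at the top; the path-aware score puts the perimeter web server first, and the what-if run shows that patching that one finding alone takes total exposure to zero, whereas blocking the dmz-to-app rule only removes the downstream findings and patching the database finding leaves the two that precede it. The hr1 finding on port 3389 scores zero because no rule reaches it from any zone the attacker can gain; it stays in the list rather than being dropped, which is why the collection and analysis are repeated as the policy changes.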

This approach ensures that security systems are kept continuously up-to-date, as well as providing a clear audit trail for the IT department to monitor and demonstrate the different security processes in place. It gives businesses a comprehensive overview of their vulnerabilities and allows them to accurately assess the risks they face, and determine their priorities for remediation. Time isn't spent by the IT department on unnecessary measures, so time can instead be spent on improving efficiencies elsewhere. Perhaps most importantly, the window of vulnerability, from the time that a threat is identified to the time that it is remediated, is decreased, leaving businesses far less likely to suffer damage.

With Security Risk Management as a best practice, corporations can dramatically reduce their risk, reduce the time and effort taken to conduct and document an audit and improve the accuracy of their information. Automation means that security teams and auditors can have a continuously accurate snapshot of the security situation at any one time, and quickly see and correct lapses in internal controls to make sure they are always fully compliant. The IT department, security teams, business teams and executives can talk about security in the same terms and work collaboratively to ensure continuous improvement. SRM is quickly becoming the by-word for intelligent security, and with threats increasing daily in both frequency and severity, it's a term that businesses will soon find themselves familiar with. To have and maintain the competitive edge when it comes to security now takes more than just a firewall--it takes a smart efficient approach to managing risk.

www.skyboxsecurity.com

Avi Corfas, VP and MD EMEA, Skybox Security
COPYRIGHT 2006 A.P. Publications Ltd.
Copyright 2006, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Title Annotation:Infosecurity Europe 2006: 25th-27th April 2006, Olympia, London.
Author:Corfas, Avi
Publication:Database and Network Journal
Date:Feb 1, 2006
Words:1161