
Thursday, July 29, 2010

We have security problem blah, blah, blah – can you help us?

By Ben Rothke, Senior Security Consultant, BT Global Services, CISSP, CISM

Two years ago, my colleague Ben Tomhave and I wrote an article titled "Information Security and the Importance of Context."

Perhaps we were ahead of our time, as a new report from Gartner — Effective Security Monitoring Requires Context — echoes some of the same sentiment.

In the report, Gartner Distinguished Analyst Mark Nicolett notes that the rapid discovery of a breach is key to minimizing the damage of a targeted attack.  And if you are the victim of a targeted attack, anything less than a targeted remediation effort is insignificant. 

In those 49 words, Nicolett subtly delineates between an organization that is on top of its information security effort, and those that are playing information security charades.

It’s 2010 — and far too many organizations are still clueless regarding their security risks.  They buy security products, write security policy, and do security things; but they lack the context in which to execute security initiatives.  They end up doing a security dance, but in the words of Billy Idol, they are dancing with themselves.

There are myriad excellent security books, articles and blogs; but the only way to use that information within your organization is to have a context in which to apply security processes.

The industry has also created a plethora of security best practices, which are often quite effective.  But if you don’t know your security problems, the “bestest” of the best security practices won’t do much for you.

So what do you need to know?  Know your enemies, know your security threats, and within that context, create a security strategy.

Nicolett breaks context down into four areas: user, data, application, and external threat.  Creating a matrix of your risks against those areas is fundamental.  Once that is done, a formal information security strategy can be executed.  The addition of context to your security event monitoring infrastructure will increase the likelihood of early discovery of a targeted attack, resulting in shorter recovery time, reduction in losses and other benefits.

Organizations that have done that find their security product purchases are radically different.  Rather than securing themselves against blah, blah, blah threats, they have metrics to show how effective they are.  Security purchasing costs go down, while the level of protection improves.

On the web, content is key.  When it comes to information security and protecting your digital assets, context is key.  Know your context and protect your infrastructure.  If not, it is back to blah, blah, blah security.
