This article was originally pubished on Security Week.
“Whether 'tis Nobler in the mind to suffer The Slings and Arrows of outrageous Fortune, Or to take Arms against a Sea of troubles, And by opposing end them”
–Shakespeare, Hamlet, Act III, Scene I
Insecurity of any time stems from a common psychological cause -- fear. Fear is generally a reaction to something immediate that threatens your security or safety, triggering a sense of dread, alerting you to the possibility that your physical self might be harmed, which in turn motivates you to protect yourself.
This negative emotion is amplified by an inability to take action, to impose action that removes or prevents fear itself. Fear itself can harm one’s judgment and prevent teams from taking action.
There is a parallel in today’s overheated information security environment. The breach-a-minute pounding corporate and information technology professionals face every day can make many of us feel like Hamlet: fearful, paralyzed not sure what is the best course of action to take. The overwhelming number of reports detailing the scape and scope of breaches, the enormous troves of confidential and national security information, and the speed and sophistication of shadowy enemies is enough to make you want to put the pillow over your head and not get out of bed in the morning. Indeed, more and more money has been spent on perimeter and mobile security, yet companies believe they are less secure.
Taking a directed course of action can not only strengthen a company’s cyber defenses, it can also re-establish confidence in IT systems overall. It is important to have a strong focus on the data center, where the crown jewels of information assets are stored and under attack by cyber Willie Suttons. As I outlined in a prior column, IT teams must move to incorporate new security measures beyond the traditional approaches.
To help build both effectiveness and confidence in data center and cloud security information security must broaden its base to eliminate the gaps and weaker processes. Here are four organization and technology initiatives that can strengthen both security and confidence in the IT and business community.
1. Security must not be run in a silo. While security teams play the most critical role in assessing corporate risk and setting policy, there must be leadership and shared responsibility across various IT functions. It is critical that other IT functions understand and support security initiatives as early as possible. Knowledge is power.
2. Security must adapt to today continuous delivery model. Businesses need to run fast and have adopted agile, orchestrated methods of application development. If security capabilities can keep up, the entire enterprise can have more confidence. Instead of being seen as a form of inertia to application delivery, security can become a catalyst.
3. Breaches must be found rapidly. Systems must be engineered for constant visibility and notification of policy violations in the case of a breach. This means that IT teams must be presented with specific and actionable intelligence and not an endless row of notifications that cannot take action on in a timely fashion.
4. Containment is as important as discovery. It is nearly impossible to engineer – or to claim to engineer – a data center security approach that will prevent all forms of breach. The damage of a breach will be mitigated by the effectiveness of the containment system. The ability to contain a bad actor with a single click should be the goal.
We certainly live in interesting, even dangerous times. But we can “take up arms against a sea of troubles,” restore confidence in our IT systems, and lower our emotional and actual exposure to cyber insecurity.