This is the time of year when security vendors make lots of predictions about what the year ahead holds for information security. Most of the predictions are stunningly obvious and trivial, but one was intriguing. Corey Nachreiner, director of security strategy at WatchGuard, reckons 2014 will be the year of security visibility. But what does he means by that?
The security industry is a ‘pendulum’, he says, swinging back and forth between the good guys getting the upper hand and the bad guys winning. Have we been too reliant on technology to solve the problem while ignoring the human dimension? Although technology can help, it’s often misused and misconfigured. And while your logs might contain masses of useful information that could help keep you safe, it’s often never looked at, and even when it is, it’s hard to spot the really significant information.
Nachreiner believes the security industry will put a lot of effort into creating visual tools to make identification of the important information much easier. And that’s important because critical security information is not being delivered in a way that people can use it in the real world. Security visualisation tools could have direct administrative and business benefits outside the security domain, too, he argues.
Meanwhile, what threats do you protect against? The truth is, you can’t cover every angle, especially as the IT landscape becomes ever more complex. The simple equations of risk that we used to apply to our IT systems, and the decisions which assets need protecting, no longer apply, argues Jason Hart, VP of cloud services at SafeNet.
Today, they key assets you need to protect are data – but which data? Relatively few firms are capable of identifying which data is most important, which information would cause a problem if breached and what the impact would be. Organisations need to get to grips with these issues. And when they have, they can then go about effectively protecting those data assets. This is a two-pronged approach, says Hart – controlling access to the data, and encryption.
But even where organisations are addressing these issues, how well are they doing it?