As security vendors, it is incumbent upon us to reduce complexity. By resolving to make advances in these three areas, we can reduce security complexity while helping more organizations thwart more attacks.
It is both naïve and wrong to ignore the role infrastructure plays in protecting data. Trusted networks trump untrusted networks. However, should security be a reason to upgrade networks or stay with proprietary compute architectures?
With increased awareness and a deeper understanding of how attackers go about their ‘shopping’ we can take some relatively simple baseline measures that can go a long way toward protecting against cybercrime this time of year.
While complex threats are an easy place to lay blame, lack of visibility is the real culprit. Turning your eyes inward to detect where compromises occurred sooner rather than later has the potential to limit your risks substantially.
It has become very clear that intrusion detection and intrusion prevention are not simply deployment options of the same technology. They are in fact separate disciplines with unique requirements, goals and roles in the security stack.
When vendors and individuals attempt to keep threat intelligence private, they limit the ability of the entire group to identify and mitigate new threats as they are developed and launched against organizations.