Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Time Must Be a Key Consideration for Security Investment and Innovation

When I talk to security leaders about their most challenging issues, one topic that always seems to come up is how to judge the effectiveness of their technology investments. Of the many options out there – from number of days without an incident to the efficacy of particular security products – I believe the concept of time provides an interesting and compelling way to view the security needs of a modern enterprise.

When I talk to security leaders about their most challenging issues, one topic that always seems to come up is how to judge the effectiveness of their technology investments. Of the many options out there – from number of days without an incident to the efficacy of particular security products – I believe the concept of time provides an interesting and compelling way to view the security needs of a modern enterprise.

As a general rule of thumb, we need to recognize that networks need to be fast and they need to be secure. To truly accomplish this, we need to understand that time is a critical factor. It is the speed in which it takes your network to respond to a threat that means successfully thwarting an attack or getting owned; and unfortunately, the velocity, volume and impact of these threats continues to grow at a rapid rate.

There are several different ways to think about time as it relates to security.

Ensuring the Network is Fast and Secure

First, time relates to the performance of security solutions, especially as they pertain to the network. Even the most innovative security solution is useless if it produces a significant drag on either network or end-user resources. Companies must evaluate the performance needs and abilities of their security infrastructure and ensure that they don’t excessively slow down traffic or affect the quality of service. The faster that packets can move securely through the network, the better.

Cyber SecurityAs companies deploy new security technologies, understanding the impact on overall network performance should be a very important factor in the decision-making process. To make the right investments, they should have a clear understanding of the network performance needs today and in the future.

Response to Threats

When a threat, like newly identified malware, hits the scene and becomes known by security researchers, companies want to know as soon as possible so they can take action at security enforcement points in the network. The amount of time from discovery to enforcement is a key factor affecting whether a company will be compromised or not. However, the lion share of emphasis has been put on discovery and forensics via SIEM or other analytic means. There is less focus on how that information makes its way to enforcement points throughout the network. Companies must evaluate how quickly they can make this happen.

Another element where time is the most relevant metric is when patching vulnerabilities. For example, ensuring that security operations teams are able to quickly test and deploy patches is key. While widely known, using time as a metric for this important process is a critical part of any security program.

Operations and Maintenance

It takes time to grow, scale and change security and networks. Operational expenses associated with security can add a significant cost to security teams that are often understaffed. Configuring and updating security policies when provisioning new apps, system maintenance and other operational tasks takes time and resources. Finding ways to automate the management of as many of these tasks as possible can significantly reduce the time and operational expense, giving security teams additional time to focus on managing more complex security risks and challenges.

In security, time can be the most important element to reducing risks, because when bad actors have a business in their sight or an unfortunate error occurs and leads to a breach, companies want time on their side. The time savings that is generated from fast equipment, faster response time and automation means substantial operational efficiencies, or better yet money.

Written By

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...