What is New and Next in Cyber Security: Changing Strategy for a Growing Threat Landscape
The ever increasing volume, velocity, speed, and diversity of cyber-attacks is setting up greater challenges for the global cyber security community.
Government agencies, in particular, are demanding that there be more solutions to help deliver the results they need to continue service delivery as usual. We have witnessed recent high level breaches and hacks coming from the United States, such as the Office of Personnel Management breach and CIA Director Mr. John Brennan’s personal email hack.
From this, security has become the center of conversation throughout the public sector. As more governments are moving to public cloud service platforms, they are asking for more assurance. They need to know if they can have the same level of protection as on their premises.
Intel Security Group brought the cyber security community together at their annual Focus Security Conference 2015 to discuss this evolving threat landscape and what we all can do to better approach cyber terrorism.
The first keynote speaker of Tuesday’s session was the firm’s own Mr. Chris Young, SVP and General Manager. He reiterated the impact of threats on security strategies and need for simplified security solutions. Mr. Young said, “With a rapidly expanding attack surface, and a shortage of relevant talent and expertise, defenders need to win on visibility into events, simplified management and capabilities that empower teams to close the loop on attacks in progress-faster, more effectively, and with fewer resources.”
By instilling new leadership with new skills, the security group is making great strides towards managing the growing landscape of cyber terrorism. Within the security community itself, Chris Young has emphasized that mindsets need to shift. People need to start thinking that, “Security isn’t just about people who work in the space… it is about everyone.”
It is worth changing the conversation to think, an attack against another organisation is an attack against me. If an organisation is under attack, they will not be able to help anyone out if they do not disclose what went on during the attack and what the threat source was.
This is why more and more security firms are coming together, linking up to provide organisations with better threat protection overall. With this, they will also share real-time threat intelligence amongst each other so that attacks are not replicated throughout the security network.
On security firm partnerships, Mr. Young stated, “Connecting products is not the end solution. This is just the first level of sophistication.” What he means by that it is not enough to just bring different security solutions together and deliver it to the consumer. These solutions must work together as a whole to provide ease in maintenance and management.
With this, the security community is moving closer to a ‘cloud first’ model, as Mr. Young puts it. This means that solutions will start the design by thinking, “Everything will run in the cloud.”
More organisations are moving to a cloud infrastructure in order to lower costs, transform their digital service delivery, and gain storage scalability. This is the reason why security design should start with designing for cloud models. This is the way forward and is expected to be the norm across all sectors.
“We used to think about computing…in today’s world, we compute without thinking,” Mr. Young quoted. He goes on to say that this has affected the ability of the community to keep up with new security threats and needs.
As the security community comes together, it is important to consider three things in addressing the growing threat landscape. First, shift the mindset of the community towards considering a cyber threat to one is a threat to all. Second, considering increased firm collaboration as a step forward in tackling security threats. Thirdly, emphasizing cloud models as a growing norm so that the industry can address many concerns, including its security skills gap.
The security community is evolving to meet the demands of the threat landscape and demands for better protection. Coming together as a united force allows them to tackle the threats with greater impact, thus making systems more secure and sustainable.