Clicky

Dealing with Fragmented Security
by Daniel Newman | October 31, 2017

Usually, the more complex something is, the more difficult it is to figure out. That goes for cross-word puzzles and mazes—you’d think it would also stand true for cyber security. But what many IT teams have found is that the more complicated our networks are getting—mixing BYOD devices, legacy platforms, as-a-Service apps, and shadow IT—the more challenging it is to keep the systems safe.

In the past, the answer seemed to be adding security to each device or system, allowing for the aggregate network to be covered by a large but disparate blanket of security—covering various layers, systems, and devices. But although that approach did offer lots of security coverage—it did not necessary lead to better protection. That’s why IT teams are looking beyond simple data security to the more sophisticated solution of threat intelligence.

So, what is threat intelligence? In layman’s terms, it’s the process of aggregating, analyzing, researching, and processing vast amounts of data into patterns to find the greatest security risks. Whereas cyber security teams focus on engineering solutions for the security breaches, threat intelligence goes about finding the true threats—saving time, energy, and money along the way. Because of the highly fragmented nature of today’s networks, threat intelligence seems to be the “glue” that hold the vast amounts of security cracks together. In fact, it may be the only way to manage the immense number of threats moving forward—at least for larger companies. The following are some tips to keep in mind as you aim at keeping your complex systems safe.

Keep It Simple

This might seem like a pie-in-the-sky goal in the era of BYOD and cloud-based systems, but the onus of keeping systems foundationally functional still lies on the company itself. It’s been said complexity is the enemy of security. Rather than throwing patchwork solutions together, take time to aggregate from the ground-up as much as possible. Pool resources, use common software and data repositories, and integrate your systems as much as possible. It might take longer to plan, but it will keep your systems safer in the long term.

Know That Data and Intelligence are Two Different Beasts

It does no good to collect tons of data about potential security breaches if you can’t manage and process the multitude of that information. In a Ponemon Institute study, research showed 70 percent of security professionals felt there is simply too much information to act on—and just over 25 percent felt their company was using the data effectively. That’s not a lot! If you are collecting vast amounts of data regarding security issues, it’s a sign that you are using too complex of a system, and the systems are not coordinating as well as they could be.

Use the Technology Available to You

If you are struggling with keeping fragmented systems safe, you are not alone. Some 30 percent of security professionals said they ignore more than half of security alerts they receive. If there was ever a sign you need threat intelligence, this is it. The right threat intelligence team can help find the threats that really matter so your security teams can address them more quickly and effectively.

Create a Security Plan

Throwing band-aids and threat intelligence glue on your fragmented networks is not a long-term solution to your security quandary. Your tech leadership needs to determine a plan to align your systems, clean up messes, and create cohesive network and data strategies wherever possible. After all, threat intelligence might be able to sort through a mess of data—but it won’t stop the messes from continuing to happen.

Today’s systems are more complex and fragmented than ever, meaning today’s companies—and their valuable data—are even more at risk. Rather than creating even more complex security systems to protect your networks, it’s time to simplify, streamline, and organize systems smarter—using advanced systems like threat intelligence when needed—to create workable solutions that work now, and into the future.

Additional Resources on This Topic:
Intelligently Using Threat Intelligence
Business Resiliency in the Hybrid Era
Key Takeaways from Cisco’s Cybersecurity Report

Photo Credit: CJS*64 Flickr via Compfight cc

This article was first published on Converge. 

Daniel Newman
Close Menu