The 'chat' from the cloud

Keep up-to-date with the latest trends, hints and tips on cloud-based security

Six recommendations for effective protection against advanced threats

Date: June 3, 2014

Category: IT Security

Guest post: Blue Coat.

Understand the challenges and the limitations of traditional blocking and prevention approaches by reading these six recommendations for more effective protection against advanced threats.

Enterprises are overly dependent on blocking and prevention mechanisms that are decreasingly effective against advanced attacks. Comprehensive protection requires an adaptive protection process integrating predictive, preventive, detective and response capabilities.

Challenges of traditional blocking and prevention:

* Existing blocking and prevention capabilities are insufficient to protect against motivated, advanced attackers.
* Most organisations continue to overinvest in prevention-only strategies.
* Detective, preventive, response and predictive capabilities from vendors have been delivered in non-integrated silos, increasing costs and decreasing their effectiveness.
* Information security doesn’t have the continuous visibility it needs to detect advanced attacks.
* Because enterprise systems are under continuous attack and are continuously compromised, an ad hoc approach to “incident response” is the wrong mindset.

Effective protection against advanced threats:

Information security architects:

1. Shift your security mindset from “incident response” to “continuous response,” wherein systems are assumed to be compromised and require continuous monitoring and remediation.
2. Adopt an adaptive security architecture for protection from advanced threats using Gartner’s 12 critical capabilities as the framework.
3. Spend less on prevention; invest in detection, response and predictive capabilities.
4. Favour context-aware network, endpoint and application security protection platforms from vendors that provide and integrate prediction, prevention, detection and response capabilities.
5. Develop a security operations centre that supports continuous monitoring and is responsible for the continuous threat protection process.
6. Architect for comprehensive, continuous monitoring at all layers of the IT stack: network packets, flows, OS activities, content, user behaviours and application transactions.

To discuss using security technology as an enabler (rather than to block and prevent) and help you unleash your full business potential, call us on 01256 379970 or email: [email protected]
