Database breaches and cyber crime cost the global economy more than $400 billion on an annual basis and there is no evidence that these metrics are improving, in fact, they are getting worse.
What is Making Matters Worse?
The increasingly connected world – whether it be mobile, virtual, or cloud – has ripped new holes in traditional perimeter security. Expanding network infrastructures has created millions of access points lending multiple avenues for attackers to slip through data centers discretely. In other words, traditional data protection methods no longer work.
Enterprises are steadily progressing into the cloud, mobile platforms and connected systems, and legacy solutions have no way of accounting for it. In fact, a recent Gartner study found that 83 percent of traffic now travels “east/west” within the data center, undetected by traditional perimeter security.
Furthermore, few CSOs and CIOs have visibility into their networks beyond the perimeter; a concerning thought considering that 73 percent of respondents of a recent survey see demand for data center resources increasing. Yet despite the need there is still a lag of appropriate resource allocation, particularly with security. This is taken advantage of by criminals who remain invisible and ultimately uncontainable once they break their way into a data center. It’s a growing trend, as noted by the advanced attacks that enacted the major breaches of retailers, financial institutions, and media organizations over the past year.
Legacy security solutions can only alert users when damage has already been done, but enterprises increasingly need ways to see with more accuracy and granularity what traffic patterns look like inside the enterprise infrastructure and data centers. It’s truly about being proactive because reacting means it’s too late.
Additionally, businesses need to be able to visualize data traffic to know if a threat, or possible threat, exists – especially as networks become increasingly flooded with cloud-based products and laterally moving traffic. And most importantly, CIOs must ask themselves: If a threat is inside my network, how do I ensure I identify and address the issue?
Sharp Focus on Data Center Security
Map the network. Mapping the data center and then flagging hackers within the virtual and physical infrastructure is critical as a first step. CSOs and CIOs that have a system map of their systems can react to suspicious activity and place countermeasures that impair breaches and data exfiltration. Being able to visualize these traffic patterns within networks in order to understand threats will also elevate the security accountability to the executive leadership team. Recent evidence proves this is a mandatory evolution. Security is no longer a simple matter of expense or remediation and it is no longer a one-man job. It’s an issue that burdens entire companies and can prove damning for even top-level execs unless proactive methods are adopted.
Identify and place control over high-value assets to reduce risk and demonstrate compliance. Although older security solutions are blind to advanced threats, new security companies have produced distributed solutions that protect data in the growing virtual, mobile and automated environments. The insurmountable flow of data through supporting infrastructures prevents companies from securing all information and access points. However, if companies can identify the most important data, they can customize security to bottleneck threats and better protect against significant breaches and laterally-moving threats. Consider integrated solutions that provide security at asset location and reduce the scope of attack surfaces in virtue of being separate and localized. Malicious campaigns would be snubbed early and would not have the opportunity to cause widespread damage, ultimately reducing possible future costs.
Build team accountability processes and instill best practices. Executives that understand how traffic flows within their environment, how information is accessed and how it is secured, can create proactive measures to secure high priority assets and implement roadblocks for would-be attackers. But it will not be enough if employees lack the right security posture. All dynamic security measures in the world will be useless when there’s a slipup that allows an attack to occur. The concern was supported by the 2015 State of the Endpoint Report: User-Centric Risk released by Ponemon Institute, which revealed that 78 percent of IT and IT security practitioners consider lax and careless employees who do not follow security policies the biggest threat to endpoint systems.
Traditional Data Center Reinvented
To sum up, there are three things any CSO or CIO should keep top of mind: the perimeter is gone, visibility is key, and current security practices are obsolete. Securing specific apps or servers is a misstep considering that the traditional data center has been reinvented. And as new apps, devices and end users continue to add devices and systems to a network, increasing the attack surface, visibility will play a major role in ensuring data protection.
So, it may be time to reconsider old security solutions and approaches as they lose visibility out of the box. New technology is out there that will open a new window into the way data is stored, processed, and transmitted in today’s networks.
Demetrios “Laz” Lazarikos works with Fortune 500 and emerging technology companies in building IT security, IT risk, and compliance solutions to combat advanced cyber threats.