December 3, 2014 By Rick M Robinson 2 min read

In the days of yore, when most computers were connected via wired local networks, organizations typically relied on endpoint protection to ensure the integrity of their networks and the security of their data. Like the walls and moat of a castle, endpoint security was based on a simple principle: Keep threats outside, and the interior will be safe.

However, the information world has changed. Internet connectivity has made every PC in the network a potential endpoint. Mobile devices and cloud computing have globalized the local network, rendering uncertain the very concepts of endpoints and perimeters.

Today, a “moat of intelligence” is needed to safeguard an organization’s valuable data.

Security: From Myths to Reality

As networks have become more complex and cybersecurity threats more ruthless and sophisticated, too many organizations have retreated into security myths. Either they indulge in wishful thinking (“We won’t be hacked”) or they become paranoid (“We need to lock down everything”). Neither is true.

At a recent Web event, Brendan Hannigan, general manager of IBM Security Systems, outlined how firms can protect themselves against today’s threats. He said the concept of a castle moat needs to be replaced by a moat of intelligence: an active understanding of threats and an awareness of what needs to be protected most against those threats.

Building the Moat of Intelligence

According to Hannigan, a key first step in protecting information security is to “know thyself.” While 70 percent of the value of modern publicly traded firms is embodied in their intellectual property and other data, this highest-value information may account for less than 2 percent, down to as little as 0.01 percent, of total data repositories.

Trying to protect everything can end up protecting nothing. Therefore, firms should concentrate their efforts on guarding this high-value information while giving other data an appropriate measure of security. This means information holdings must be assessed.

The other component of the moat of intelligence is actively engaging security threats. Today’s cybercriminals are sophisticated and determined, but they do not have magical powers. Like burglars in the brick-and-mortar world, they have to “case the joint” to find and steal high-value information. Security intrusions leave distinctive and detectable traces that security experts can recognize.

Enlisting Security Allies

By working with the broader security community, a firm’s security team can tap into the latest threat profiles and security intelligence resources. Organizations do not need to protect themselves in isolation; they can enlist powerful allies in the cause of information security. While mobile and the cloud have posed new security challenges, they have also provided powerful new security tools.

Yes, providing information security today is a challenging task. But by building a moat of intelligence, organizations can protect themselves in a changing information environment.

More from Intelligence & Analytics

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Web injections are back on the rise: 40+ banks affected by new malware campaign

8 min read - Web injections, a favored technique employed by various banking trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cyber criminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive information. In March 2023, security researchers at IBM Security Trusteer uncovered a new malware campaign using JavaScript web injections. This new campaign is widespread and particularly evasive, with historical indicators of compromise (IOCs) suggesting a possible connection to DanaBot — although we…

Accelerating security outcomes with a cloud-native SIEM

5 min read - As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threats with constrained resources. This will require rethinking traditional security strategies and focusing investments on capabilities like cloud security, AI-powered defense and skills development. The path forward calls on security teams to be agile, innovative and strategic amidst the changes in technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today