In the days of yore, when most computers were connected via wired local networks, organizations typically relied on endpoint protection to ensure the integrity of their networks and the security of their data. Like the walls and moat of a castle, endpoint security was based on a simple principle: Keep threats outside, and the interior will be safe.
However, the information world has changed. Internet connectivity has made every PC in the network a potential endpoint. Mobile devices and cloud computing have globalized the local network, rendering uncertain the very concepts of endpoints and perimeters.
Today, a “moat of intelligence” is needed to safeguard an organization’s valuable data.
Security: From Myths to Reality
As networks have become more complex and cybersecurity threats more ruthless and sophisticated, too many organizations have retreated into security myths. Either they indulge in wishful thinking (“We won’t be hacked”) or they become paranoid (“We need to lock down everything”). Neither is true.
At a recent Web event, Brendan Hannigan, general manager of IBM Security Systems, outlined how firms can protect themselves against today’s threats. He said the concept of a castle moat needs to be replaced by a moat of intelligence: an active understanding of threats and an awareness of what needs to be protected most against those threats.
Building the Moat of Intelligence
According to Hannigan, a key first step in protecting information security is to “know thyself.” While 70 percent of the value of modern publicly traded firms is embodied in their intellectual property and other data, this highest-value information may account for less than 2 percent, down to as little as 0.01 percent, of total data repositories.
Trying to protect everything can end up protecting nothing. Therefore, firms should concentrate their efforts on guarding this high-value information while giving other data an appropriate measure of security. This means information holdings must be assessed.
The other component of the moat of intelligence is actively engaging security threats. Today’s cybercriminals are sophisticated and determined, but they do not have magical powers. Like burglars in the brick-and-mortar world, they have to “case the joint” to find and steal high-value information. Security intrusions leave distinctive and detectable traces that security experts can recognize.
Enlisting Security Allies
By working with the broader security community, a firm’s security team can tap into the latest threat profiles and security intelligence resources. Organizations do not need to protect themselves in isolation; they can enlist powerful allies in the cause of information security. While mobile and the cloud have posed new security challenges, they have also provided powerful new security tools.
Yes, providing information security today is a challenging task. But by building a moat of intelligence, organizations can protect themselves in a changing information environment.