By Joe Bertnick, Director of Product Management, Symantec Corp.
On the battlefield, a general’s responsibility is to coordinate different bodies of soldiers whose commanders may not know what the others are doing. The complete picture of the battle only emerges when these individual reports can be combined and analyzed, yielding a strategy to ensure victory. Just as modern war has come to involve smaller bodies of soldiers carrying out specific missions, our security tools in the data center are addressing new and unique risks to different parts of the security ecosystem. In this world, the CISO is the general directing our overall efforts, merging the “in the trenches” technical details with the overall strategic direction of the business. And they need to be able to gather this intelligence anywhere, at any time, because security incidents aren’t limited to office hours. And while technology such as smartphones and tablets can present challenges, mobile devices are also an ideal way for management to keep up with business risks in real time.
It seems that every week we hear about a new security incident exploiting a previously unknown vulnerability, which is quickly followed by a new security tool or patch. This presents three challenges when it comes to protecting the organization’s resources:
- First, timing is critical. Minutes in risk management can translate into millions of dollars in damage if issues are not identified and resolved as quickly as possible. CISOs need instant access to risk information in the office, at home or on the road.
- Second, unifying a large group of discrete data sets into a whole picture can be difficult. Because different units within the company often operate in silos, a potential security situation detected in one area may rely on permissions from a different group to address the issue. In addition, two separate indicators detected by different departments might represent a different threat from either one alone. Bringing together this intelligence into one unified view that can be accessed on a mobile device is important for the most accurate assessment of risks.
- The third challenge is translating the technical data into business terms that stakeholders can use to make informed decisions. C-level executives will have different levels of technical expertise, and stakeholders may not understand the impact that one missing patch on servers can have. Instead, they need to hear the potential business impact – that the situation can lead to an attack bringing down the e-commerce site.
Visibility into individual risks and their overall effect on the business will become increasingly critical in the coming years, particularly as we take more advantage of technologies such as mobility and clouds. In addition to expanding our security needs, these tools also present new opportunities to simplify the monitoring and remediation of our current risk state, with solutions that can be accessed from anywhere to provide unified, current information. Today’s CISO should look for tools that will supplement the existing elements of their security infrastructure and provide a prioritized view of threats, translated into plain language that will provide decision-makers with the visibility they need to protect information moving forward. With the clearest, most up-to-date intelligence, today’s CISO – the general on the cyber-battlefield – will have the tools they need to win the war.
Learn more about how to manage business risk in real time at Symantec Protection Center’s home page.