INTELLIGENT ENTERPRISE SECURITY
Silver bullets of
organisational security
While no single silver bullet can do the trick having multiple approaches can
help writes Mohammad Jamal Tabbara at Infoblox.
E
nterprises of all sizes are falling
victim to very determined
malicious actors whose motivations
range from financial gain to government
sponsored campaigns. The threats are not
limited to commercial enterprises but have
significant impact on civilian and non-
civilian government agencies.
The nature of what organisation must
address has changed dramatically over
the past decade. The threat surface has
expanded significantly, the nature of the
threats is evolving at an unprecedented
rate and the complexity of what makes up
an organisation has grown. Organisations
have migrated from having a tightly
controlled network with endpoints and
devices provided by the company, to one
where the very definition of an endpoint
and device is changing.
It is driven by the proliferation of the
Internet of Things IoT, organisational
policies to allow employees bring their
38
own devices on the network BYOD and
the adoption of private and public cloud
deployments. The definition of a network
has changed too, it is no longer a walled
garden but an amorphous structure where
users can access organisational resources
from anywhere, anytime, and from almost
any device.
To counter these factors, organisations
have started implementing solutions to
address security. However, this might be
a disappointment to several of you, but
reflects reality. There is no silver bullet;
no single solution that can address all
security issues.
A defence in depth approach did not
come about by accident but is based on the
determination that while you might need
a thousand solutions in your network,
you need solutions that address different
aspects of security.
You are not alone. Your networks have
changed significantly and you have multiple
There is no silver
bullet; no single
solution that
can address all
security issues.
solutions. That establishes a baseline. The
question is what can organisations do
differently to be better prepared. Here are
some suggested best practices.
Introspection
This means understanding your
capabilities and risks. Just understanding
the impact of being breached in terms
of cost, downtime and reputation of
the brand will help you prioritise what
actions to take.
Issue 17
INTELLIGENT TECH CHANNELS