As the threat landscape evolves, organizations struggle to address security gaps. With the right mix of tools, talent, partners, and policy, however, it's possible to close these gaps.
They're reckoning with a grim reality: even with core security solutions in place, significant security gaps exist.
Securing the Modern IT Infrastructure
Enterprises are plagued by myriad security gaps leaving the IT infrastructure vulnerable. The majority of these gaps, according to a 2018 survey conducted by the Ponemon Institute, are due to the expanding and blurring of the IT perimeter.
As businesses adopt hybrid environments, they're finding it harder to protect those environments from sophisticated cybersecurity attacks with standard security measures. Fifty-five percent of respondents in the Ponemon survey said that it's hard to protect the IT perimeter given the requirements needed to concurrently support the Internet of Things, bring-your-own-device, mobile, and cloud initiatives.
A lack of visibility into who and what is connected to the IT infrastructure compounds matters. Sixty-seven percent of respondents said that their security teams have no visibility into or control over the activity of every user and device connected to their IT network, which leaves systems susceptible to attacks that use compromised user credentials. At the same time, 48 percent of survey respondents said they suffer from a cybersecurity skills gap because the skilled personnel needed to counter the new breed of sophisticated cyber attackers are hard to come by.
Creating policies to plug the gaps
Aligning to the National Institute of Standards and Technology Cybersecurity Framework can be an important first step to close security gaps. The framework is built with an understanding that security is an end-to-end initiative, and focuses on five core areas: identify, protect, detect, respond, and recover. Together, these core components "aid an organization in expressing its management of cybersecurity risk by organizing information, enabling risk management decisions, addressing threats, and improving by learning from previous activities," NIST says.
Having a clear security policy in place forms the foundation for any successful protection strategy by giving organizations a holistic understanding of how to better manage risk. Once such policies are established, organizations can look for the solutions and services that will best provide them with the 360-degree protection they require.
The Aruba 360 Secure Fabric from Aruba, a Hewlett Packard Enterprise Company, is one such security framework. It's built with the understanding that security must protect the entire enterprise. As such, it provides integrated solutions, not individual point solutions that security teams would have to cobble together. Security professionals can now develop a seamless path to security that encompasses everythingโsuch as user and device discovery and access control, and analytics-driven attack detection and responseโwith automated and dynamic policies that span wired, wireless and VPN networks.
Improving detection with visibility
All too often, organizations don't even know that they've been hacked until the damage is done. It can be months between the time a cybercriminal installs malware and when the compromise is found. For a large enterprise, the amount of transactional data that goes through the system in that timeframe is phenomenal. If a hacker's watching it all, and you don't know it, the results can be catastrophic.
Combating cybercrime without visibility and context is impossible. If your system identifies someone from the HR department attempting to access a Finance application, you need the visibility to know what data was accessed, when and on what device. You also need context to be able to determine if the behavior was legitimate. Without the right tools and policies, organizations can quickly get so bogged down in investigating false alerts that they may not respond to the real alerts until it's too late.
Modern secure network access control tools such as Aruba ClearPass empower the enterprise through improved visibility and management capabilities. For comprehensive control of burgeoning IoT devices, Aruba ClearPass Device Insight delivers valuable visibility and profiling to address the security and compliance risks associated with unidentified or unmanaged devices connected to the networkโeven those IoT devices that have been deployed without IT knowing about it.
The rise of phishing and advanced attacks makes security analytics tools such as Aruba IntroSpect instrumental to a holistic detection and defense strategy. The ability to identify the subtle user and entity behavioral changes common in stealthy attacks and to automatically assess and alert on the risk with comprehensive context lessens cybercriminals' effectiveness. By employing machine learningโbased intelligence, IntroSpect can dramatically strengthen the detection, prioritization and investigation capabilities of security teams.
Finding the right talent resources
Having the right people with the skill sets necessary to facilitate risk management is crucial. Yet finding them is difficult. You need talent that understands how to protect every aspect of your IT environment, all the way down to the silicone layer in your servers.
Security personnel play a pivotal role in investigating how breaches occur and making the changes necessary to minimize their long-term impact. Whenโnot ifโyou get hacked, how quickly you recover directly affects the financial implications of the breach, as well as customer and shareholder confidence.
A trusted partner such as HPE can help you build your security team. With a variety of service levels designed to fit an organization's existing needs, Continuous Security Improvement Services from HPE can help your organization build a bulwark against today's dynamic threat landscape.
Installing holistic solutions for gapless security
With the attack surface expanding and security skills in short supply, it's never been more critical to address gaps in your security programs. The right mix of holistic solutions and trusted partners makes it possible to plug security gapsโeven in a complex, hybrid environment. Although every organization is at risk, security does not have to be a abyss that requires endless resources.
Think of it, instead, as a business enabler that reduces organizational risk and empowers teams to innovate freely. With a robust set of security policies in place, and solutions and services to support these policies, businesses can change the conversation around security to one of empowerment instead of breaches.
Bob Moore
Hewlett Packard Enterprise
twitter.com/HPE_Servers
linkedin.com/showcase/hpe-servers-and-systems/
hpe.com/servers
Bob_Moore
Bob leads the partner software organization for the server division. His team is also responsible for productizing the new HPE security technologies and delivering a comprehensive approach to security across all solutions.
