|
Protecting against undefined exploits and security threats |
|
|
|
Source: Security Park - Posted by Pax Dickinson
|
There is a wealth of tools available to help protect the enterprise from security threats. Firewalls, virtual private networks, strong user authentication, encryption, intrusion detection/prevention systems (IDS/IPS), email filters, antivirus, vulnerability scanners are all options. Each of these point solutions is capable of addressing a specific element of the security mosaic. In order to address their limitations many enterprises attempt to aggregate these solutions in a futile attempt to achieve effective IT security.
In isolation or even together, however, these tools are ineffective against unknown, targeted or blended attacks. That is to say, a previously undefined exploit requires the vendor to develop a system security patch, during which time, the undefined attack will propagate, unchecked, throughout the enterprise. If this happens to be your network your enterprise will be on the security front line - open to virus and hacker attacks and unable to maintain normal business activity. From a corporate governance standpoint, this lack of security control is simply unacceptable.
The downside of this deterministic or signature-based approach is that it is increasingly difficult to track, let alone manage the volumes of alerts coming daily from multiple sources. Corporate governance, however, demands that these alerts are managed using formal and auditable IT risk management processes with timely and meaningful security outcomes.
The corollary being that in an increasingly complex and networked world the risks to the enterprise have become increasingly debilitating and while the fundamentals of managing these risks have changed little.
Read this full article at Security Park
Powered by AkoComment! |
