From the Security Experts

December 12, 2012

Enterprise Security Today is a Living, Breathing and Changing Process

By SIP Trunking Report Contributor

While every company takes at least basic security precautions – firewalls, etc. – many security experts say that today, that’s not enough. Cyber criminals are becoming more sophisticated, better equipped and simply more determined, since the stakes are higher. They’re succeeding: in 2010, the average organizational cost of a data breach increased to $7.2 million, up seven percent from $6.8 million in 2009. Total breach costs have grown every year since 2006. Data breaches in 2010 cost their companies an average of $214 per compromised record, up $10 (five percent) in 2009, according to Symanetec’s report, “2010 Annual Study: U.S. Cost of a Data Breach.”

While cyber attacks were common, in years past, today they are a persistent, daily threat. Called “advanced persistent threat (APT),” it requires a more proactive approach to combating it that many companies are prepared to do. It’s a multifaceted problem: proactive companies need to build programs and policies for protecting enterprise intellectual property, personally identifiable information (social security numbers, passwords, etc.) and the integrity of their enterprise information systems. With more and more functionality being delivered through the cloud, this latter point has become a particular challenge. Throw into this mix the increasing number of employees who work on mobile devices (a concept called “Bring Your Own Device,” or BYOD), and ongoing security becomes a full time job for a company.

The truth of the matter is no enterprise security solution is “one size fits all.” Different companies work in different industries, produce different products and services, sell in different ways, have different customers and different corporate configurations. This means that security today is a highly personalized thing and seldom comes in a box if it’s to be effective.

Add to that the increasing threat of cyber espionage – which takes an entirely different process to combat – and the security environment for companies today is even more complex.

Advanced threat protection solutions provider Bit9’s, “Moving Beyond a Porous Perimeter,” outlines strategies for a robust enterprise security environment today. The paper makes a point that it’s critical to pay attention to endpoints: where data enters and exits a corporate network.

“Automatic and intelligent correlation of endpoint data reduces enterprise risks and costs. By building a library of event correlation experiential knowledge, the enterprise can better adapt to evolving threats and prevent future attacks. Such a holistic and adaptable security posture is required to successfully address today’s APT-laced environment and protect your business,” writes Bit9 in the paper.

What’s extra important is that security is an evolving concept. What worked last year or even last month may not work today, so there can be no “part-time security” in a successful company. The right mix of people, policies and solutions can go a long way toward securing an organization in the best possible way against today’s threats. 

Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida.  Stay in touch with everything happening at ITEXPO. Follow us on Twitter.

Edited by Brooke Neuman