2011 has been dubbed the year of specialized attacks. This was very prominent at this year’s RSA Conference, held this month in San Francisco, where we saw leading security companies shift their focus from protecting the traditional enterprise architecture to its next evolutionary stage, which is more susceptible to targeted attacks.
New advances in technology have initiated big changes in how people work in the enterprise world. These changes are also bringing new security challenges into the workplace. What do consumerization, BYOD, and cloud computing bring to the enterprise security scene, and how should we approach these new challenges?
The New Workforce Generation
The keynote by Enrique Salem (President and CEO of Symantec), which discussed how today’s workforce (which he termed “digital natives”) differs from earlier generations, is a good way of describing the situation enterprises are experiencing today.
Salem describes this new workforce generation as the people born during and after the Internet boom of the 1990s. They have been raised in a world where everything is connected through the web and everything is done through the web. They are natural networkers who do everyday things in ways that were never done before, using tools such as social media and cloud computing. They are mobile, able to do anything, anywhere, any time, but exhibit continuous partial attention due to the volume of information that they consume every day.
This whole new generation has just started entering the workplace in the last few years. They have brought with them demands to change the traditional enterprise architecture to fit their own working methodologies.
Blurring the Lines
As more and more people start embracing new technologies from the “digital native” mindset, they are slowly integrating these technologies into their own lifestyles. Mobile, always connected, always informed… these are all very helpful capabilities to have for our everyday tasks, and more and more people are applying these same concepts in the workplace. Consumer devices, which are how most people are first introduced to mobility and connectivity, start finding their way into enterprise networks. People start bringing them in and demanding that their network administrators support them because they make their work easier and faster. More and more systems are being integrated into the cloud in order to give people access to their data wherever and whenever they need it.
New technologies and devices are starting to blur the lines between people’s personal and professional lives. RSA Chairman Art Coviello even said that we are already past the tipping point of separating the two. The end result is that IT organizations end up having to learn how to manage things that they cannot directly control; security organizations end up having to learn how to protect things that they cannot directly control.
Free It Up or Lock It Down
In his keynote, Christopher Young (Cisco Senior Vice President, Security and Government Group) highlighted the same challenge that enterprise IT organizations have been trying to solve for the last few years. The new workforce’s attitude towards “how to do work” and the fast pace at which it is being adopted have forced companies to provide users with what they have been asking for: improved mobility and connectivity, even at the cost of security.
On a positive note, this has proven to increase work productivity, as people tend to work more given that they now have the capability to do it anywhere, anytime. Decisions are being made faster and with better results, due to fast information delivery systems, which are a product of hyper-connected environments. All of this is possible because of the open nature of the new enterprise infrastructure.
Unfortunately, freeing up resources and making them available outside of the usual workplace environment opens them up to a whole new set of vulnerabilities. The difference between protecting yesterday’s enterprise infrastructure and today’s is that before, all we needed to do was lock everything down. The challenge today is that we are seeing a continuous demand to free it up in order to support the latest trends in information technology.
Art Coviello’s keynote on maintaining trust in today’s hyper-connected world gives us some advice on how to go about securing our infrastructures amid today’s conflicting demands for security and openness.
He points out that risk management will play a big part in today’s security. Our systems will be compromised. Accepting this inevitability will ensure that we are ready to resolve the threat in the fastest possible time. Modern-day attackers take advantage of gaps in security resulting from the openness of today’s infrastructures. With risk management, we will be equipped to react, shrink those gaps, and prevent loss from an attack.
Big Data is also a key factor in monitoring those security gaps. It gives us the power to identify anomalies in our environment quickly and effectively and shrink the window of vulnerabilities by applying fixes before they are exploited. Big Data is able to accomplish this through three main components: data sets, analytics, and actionable information. Having and collecting huge amounts of data is not enough for this to work. Many of the security applications in place today collect large amounts of data but do not apply enough intelligence to it. The ability to recognize which data is valuable and how to correlate it with other data is a vital step in producing actionable information from which security intelligence is acquired.
Lastly, the new breed of threats attacking us today will need cyber-security analysts with a few new items in their skill set. Analytic skills, big-picture thinking, and even people skills are vital for addressing today’s complex attacks. Security analysts should be capable of catching faint hints of anomalies in their systems and understanding which signals are important to look at, taking everything in and looking at it from a big-picture perspective. They should also be capable of relaying this information to other people in a way that they can easily understand, since most attacks will target non-technical departments in an organization and it’s highly likely for attacks to strike numerous parts of a company. In these instances, fast and effective communication is key to acting quickly and resolving the threat with no or minimal loss.
In today’s hyper-connected world, risk is constant. After all, who wouldn’t want a world without risks? As Coviello said, “We can’t always get what we want. However, there are numerous ways to manage risks, shrink the window of vulnerabilities, and prevent loss… and if we try, we might find that we can actually get what we need.”