According to a survey report issued by Okta, 65% of respondents think that a data breach will happen within the next 12 months if they do not upgrade legacy security solutions in time. NSFOCUS, FireMon and Lastline commented below.
Richard Meeus, VP Technology EMEA at NSFOCUS IB:
“Attacks will happen. It is no longer a case of if, but, when. Whether it will be a massive breach that is widely reported or a small attack that takes a business offline, the options open to attackers are manifold. Security and productivity often make strange bedfellows. Both are integral to the business but both can have negative effects on the other if implemented without due care and understanding. Often security measures are knee-jerk reactions to breaches or media fanfare and in these cases they are often no more than just a plaster as opposed to curing the problem. This is when it will harm productivity and users become frustrated. Having a defined security policy and working with trusted partners helps organisations to deploy effective security seamlessly.”
Brian Laing, VP at Lastline:
“Most organisations recognise that they face a grave cybersecurity threat but have been too slow to react and often their response is piecemeal and tactical. Critical to successfully addressing this challenge is the recognition that the threat is continually evolving to exploit the weakest link in their defences whether that is through employees or systems or both. Achieving improved levels of cybersecurity requires rapid detection and response to attacks which means that organisations must harden their employees as well deploy integrated security solutions that provide security analysts with actionable information rather than drowning them in data.
With this understanding some of the critical improvements in enterprise security can be understood. Success will require acknowledging that employees play a role in the solution and provide them with education and training to ensure they are as vigilant as possible. With respect to security solutions they must then correctly identify threats, provide superior visibility into attacks, allow for immediate remediation throughout the entire enterprise and then provide basic information sharing so that all organisations can gain insights from the challenges they each are facing.”
Michael Callahan, VP at FireMon:
“I don’t think we’re failing as much as we don’t have enough skilled people and you need to supplant that through automation tools that help you manage the complex environments. Companies are increasingly looking to security management vendors to address both of these concerns. I’m surprised it’s not higher than 65% but maybe it has to do with how you define serious. I think most leaders believe they will experience some sort of breach. We don’t have a technology problem. There are many many security technologies. The issue is how do you effectively manage these solutions in an increasingly complex environment. The answer is to take advantage of security management tools that see the entire infrastructure and can automate change, find risks and simulate the effect of changes.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.