By Carl Blackett, Norfolk County Council’s ICT Security Architect
Summer 2012 has been quite the season for team events. The Rugby world cup, the Euro 2012 football championships and the London Olympics show that the teams who win through are the ones who work best together.
The concept of national teams involves a manager selecting the ‘best of the best’ from his country, putting them together as a team and, theoretically, the outcome should be a winning force.
What on earth does this have to do with security and my business? The answer is more obvious than you think….
Imagine your security solution is this ‘National Team’ and the head coach being your IT manager; their job is to select the ‘best of the best’, install and sit back to watch his nice, secure organisation tick along….
Is this always the case? Have we missed something?
Yes…
A national team can be a force to be reckoned with but can equally be a farce to be ridiculed if things don’t go quite according to plan, would you like your security solution to be a force or a farce?
All products of a type will do the task they are designed for, otherwise they wouldn’t exist, but for the ‘national team’ what we should be looking for is something that will work well with others.
Does the coach of a national team simply select the best and throw them into the arena in the hope that they perform and win? No, there is a period of ‘fine tuning’ prior to this. This consists of training sessions, friendlies and practise events to ensure team works well together and communicates.
Should you be doing this with your security solution? Simply, yes…
Testing your entire solution is the most important thing you can do to ensure complete coverage. Internally testing individual components is important, but even when these are working correctly they should be able to communicate with other members of the ‘team’ to enforce a complete solution.
For example, if your Intruder Detection Solution identifies a new attack signature it should inform your firewall security mechanisms to block, your endpoint solutions to clean any files and your security team to monitor the threats.
This would demonstrate a security solution which covers everything from perimeter to endpoint. In the same way as a sporting team, it is not only the defence who need to defend during a period of attack.
There are some simple steps to follow when selecting products to secure your estate.
- Review available options and select appropriate products
- Ensure these products can work with the other products you already have
- Test products to ensure implementation has been done correctly
- Test your entire solution.
The important phase in this is step 4.
There is also specialist companies who will test these solutions end-to-end to ensure a solution is fit for purpose, these companies are trained in this type of testing and ensure they are up to date with the current threats, tactics and techniques.
Working with these companies to tailor this testing can add additional business benefits, imagine scenarios and establish which data is the most business critical and ask for testing to be focussed on this.
Hacker collectives are communicating and working together to present a unified attack, now is the time to ensure you have a unified defence…
See, Security and Sports are more related than you think, at least the tactics are anyway….
