Prevention Is Key To Enterprise Security Architecture

by Priyanka Pugaokar    Apr 03, 2017

Prevent, detect and respond are the three pillars of the enterprise security architecture. When enterprises look for the right security framework, CISOs and security heads are increasingly inclined towards the detect-and-respond mechanism. Very few place ‘prevention’ at the core of their security strategy. The prevention-focused security framework, however, has been gaining prominence in recent times. Budget constraints and a shortage of skilled manpower are compelling enterprises to extract maximum value from their deployments. Experts believe a prevention-first approach can enable them to build robust security policies and address the issues of cost and talent.

Building Prevention First Mind-set

A decade ago, information security was largely talked about in terms of compliance. Since then it has moved from being a compliance issue on paper to a threat that is very real and serious. Today, enterprises are heavily leveraging digital technologies for business agility, and the internet has become a business enabler. At the same time, it has opened doors for adversaries. In such a scenario, a mere detect-and-respond strategy will not be sufficient to address the emerging threats. Therefore, it is important to have robust prevention systems in place to address the new threat vectors.

“When any organization goes digital and its touch points in the internet increase exponentially, it cannot afford to focus only on detecting and responding because it costs them money in terms of investment in technology and people. Therefore, the strategy should be making sure that they tighten the screws around prevention and then strike a balance between the detect and respond pieces. I think this is the strategic change that needs to be brought into effect considering the emerging threat landscape,” said Sundareshwar K, Partner at PwC.

According to a Gartner report, spending on enhancing detection and response capabilities is expected to be a key priority for security buyers through 2020. However, security experts say that there is a need to bring prevention into the mainstream strategy of organizations for better control over the processes.

“The cyber security preparedness strategy is moving towards detection and response and the prevention-first mind-set is a little lost or ignored. However, prevention is one of the extremely important elements, from a cyber security point of view. Even if enterprises have strategies around detect and respond, fundamentally they cannot live by just detecting the cyber threats and responding to them. Therefore, there is a need to bring prevention into the mainstream strategy of organizations so that they can put prevention back into the system to address emerging cyber threats,” said Sameer Ratolikar, CISO, HDFC Bank.

Changing Enterprise Security Landscape

The enterprise security landscape is changing as threat vectors evolve and become more complex every day. Earlier, organizations focused on conventional defences such as perimeter security, endpoint security and intrusion prevention systems. Today, it is very important to look at the overall security architecture with a different approach. New approaches are emerging in the cyber security space that use technologies such as machine learning and artificial intelligence in security solutions to handle adversaries effectively.

“We feel that the antivirus kind of approach is dying because the kind of threats which are coming in the last few years are not basically to prove that they can bring down the business operations, but they are purely coming for the monetary benefits. With the increasing number of devices that are connected to the internet, enterprises need to have perimeter security which is not a traditional firewall but a platform-based approach and intelligent network that will sense the traffic going on the network,” said Mandar Marulkar, CIO, KPIT Technologies.

Awareness: Indispensable to Security Strategy

“Of late we hear of many compromises at the partner level, but it affects the organization. So how do enterprises ensure that the guiding principle they are implementing in their organization is also implemented at the partner level? It is very important that enterprises build proper technology, processes and an ecosystem of partners who are well secured at all levels,” said Sanjay Sharma, Head - Technology, Innovation & Customer Fulfilment, RBL Bank.

Today, there are various tools available in the market to measure the effectiveness of technology and processes. Enterprises can leverage technologies such as automation and analytics to track behavior systems. Similarly, they need to have a good security awareness campaign across the organization, including the board and customers. A number of companies are now coming up with security scoring services. How effective they are is debatable, but they help in terms of visibility.

“Enterprises should apply the principle of Triple P & T, i.e. process, people, partnership and technology, to have security at all levels. It is easy to get technology, but how do you ensure the effective usage of the technology? We do exercises such as a war game where we simulate the environment for a cyber-attack to understand different reactions from the security team, InfoSec team and top management. So I think all the three teams have to react differently and need to be trained accordingly. We use tools such as educational emails, series and workshops for internal training and awareness,” Sharma added.

It is an open secret that cybercrime syndicates are winning the war against cyber security defences. Therefore, prevention, detection and incident response become mission critical for organizations. Prevention is the fundamental base of the security architecture, hence it is very important for enterprises to have a preventive security mechanism to achieve a robust security posture.