The Growing Need For Enterprise Security

 Prasenjit Saha

The coverage of enterprise security is constantly being redefined on account of globalization and the blurring boundaries of Big Data. However, on a broad level, it still comprises the four key disciplines of information security, business security, physical security and operational risk management.

According to estimates from Gartner, information security spending is expected to grow by 8.2 percent in 2015 to reach $76.9 billion. Various other research estimates indicate that enterprise security has been growing globally at a CAGR of over 30% and will continue to do so in the future. Key drivers of this growth include the following:

* Ever-increasing demand for virtualization, which in turn drives the need for the protection of the equipment that has been virtualized

* Renewed focus on business continuity driving increased adoption of disaster recovery solutions

* Adoption of new age technologies like mobile, cloud – both private and public, and social

* Prevalence of Big Data due to data creation and transfer across multiple channels including online and mobile

* Increased complexity and advanced nature of targeted attacks

* Disappearing business boundaries augmenting the need for enhanced compliance monitoring and management.

Threat Management

Enterprises are moving into advanced modes of threat control and monitoring, including implementation of stringent compliance controls across the organization, bringing the extended enterprise under the gamut of sophisticated threat control. Enterprises are embarking on multiple mitigation mechanisms that integrate cyber protection and that are not restricted to monitoring, but also address areas like stronger IP protection, sensitive data protection and online protection. Some of the key trends that have been marking the threat space are as follows:

* Compromising a system through software vulnerabilities due to non-application of timely software updates. The common media for these threats include plug-ins, common formats, web application frameworks, etc. Application of timely updates can help mitigate such threats.

* Hacking privileged accounts and utilizing administrative control to gain unlawful access. By using privileged accounts only when absolutely necessary and minimizing the number of systems running as local administrators, such threats can be mitigated.

* Malware installation to provide persistence on the host and remote control of machines. On many occasions, the malware also tries to steal credentials from local or service accounts and from users who log on to the infected host. Regular monitoring and management of anti-virus and anti-malware solutions can be the right mitigation mechanism for such threats. Further, unique password creation and management, along with segregation of logins between administrator accounts and lesser-privileged accounts, can help prevent such issues.

* Data theft after gaining access to privileged accounts is a crucial threat. The only way out is to ensure that the attack has been contained and controlled. Controls to detect and govern malicious activity are a must.

Traditionally, security and fraud teams have been separate in organizations, purely because the fraud team steps in when a security breach has taken place. The main drawback of this approach is that it is reactive and no information sharing happens. The ideal way would be to have a cohesive, hybrid approach, one in which the two layers are integrated, leading to collaboration between the two teams.

In the integrated approach, specific security applications developed for fraud risk management and fraud analytics are combined with security monitoring and management to aid collaboration. Various reports, such as reputational analysis, network data and more contextual information, are shared by the network team with the fraud team, helping them categorize and flag potential threats. This can further help enterprises embark on accurate and timely fraud detection and resolution.

Key Trends

We expect three key trends to shape the security space in the future:

* End-to-end data protection and governance: Enterprises will place more emphasis on creating solutions that are holistic in nature and encompass all aspects of security management and governance. Single, centralized control will further ensure collaboration across siloed teams, enabling proactive identification and mitigation of security threats.

* Advanced threat detection and protection: Enterprises will move towards advanced modes of threat detection. With the dynamic change in the technology and regulatory landscape, threat detection and mitigation systems that exist currently would easily be outdated. It is not sufficient to deploy advanced detection systems; they also need to be updated on an ongoing basis.

* More focus on security in Edge Computing and Analytics: Edge computing has been changing the dynamics of networking by taking computing power away from centralized modes to the edges of networks. Security issues that can arise on account of this shift in computing model have come to the forefront, and organizations are increasingly looking at mitigating such issues.

A security solution will become successful only if it is holistic in nature, encompassing both physical security at the infrastructure level and IT security at the technology level. Integration of physical security aspects, including proximity cards, with user authentication technologies enables creation of a consistent centralized repository of security credentials – one that can be accessed by setting privileges across all levels. This further enables organizations to derive more value out of existing systems and infrastructure. It also enables various metrics and analyses to be carried out based on data available through the convergence of both mediums – physical and technology.

The integration of building access with network security lets the two types of security solutions complement and reinforce each other. The coupling of these two systems leads to robust, more integrated security, allowing organizations to manage network security under a single umbrella.