Discover Performance Blog

Welcome to the Discover Performance blog, a resource for enterprise IT leaders who share a passion for performing better. Here you’ll find strategic insights and best practices from your peers as well as from HP’s own practitioners who help others define, measure and achieve better IT performances.

For additional in-depth articles on critical topics for IT executives, visit  http://hpsw.co/b7NWj4e

Slow-moving attacks are hard to detect. How can you take action before it’s too late?

adversary ecosystem.JPG 

By Gerben Verstraete

 

Most security tools today are still in their infancy, focused on what’s happening now while the cyber-criminals have evolved in the way they operate. Most tool sets are very good at spotting intruders trying to get through the firewall or trying to execute a cross-site script in an application. But they aren’t designed to pinpoint attacks that take place over the course of weeks or months. Detecting these slow-moving threats calls for tools that can analyze massive quantities of data and then visualize that data to reveal trends. To figure out what’s going on, you need to look at data streams and find the outliers.

 

For example, we’re working with a manufacturer on statistics and visual modeling of trends over time. First we have them establish a baseline and understand what normal traffic looks like. Then they can see where deviations are.

 

According to a recent Ponemon Institute cyber crime study, the average annual cost of a data breach in the U.S. is $11.56 million. And, the time it takes to resolve an incident has increased by 130 percent over the past four years. You need big data to uncover these attacks, because the machine data you’re dealing with is so huge you’re never going to see the patterns without it.

Are turf wars wasting your money and jeopardizing enterprise security?

HP20140317152-city.jpgBy Gerben Verstraete

 

Cyber attacks have shifted from denial of service events to the theft of corporate data and intellectual property. This means that organizations need to move from traditional, non-dynamic policy-based frameworks to actively finding threats and protecting their data. To achieve this in the most cost-effective way, security and IT operations need to overcome turf wars and share information and processes One of my customers, a financial institution, has been struggling to clear this organizational hurdle. Only a top-down mandate for the departments to collaborate has enabled them to move toward converged security.

 

I've written previously about the advantages of converged security. As much as an enterprise may recognize those advantages, though, the problem is you're still dealing with two totally different authorities: Security and Operations. And often when it comes to transforming culture and changing the way people work, people just don't want to share. So making converged security a reality really becomes a Management of Organizational Change issue. 

IT execs: Integrate security and Ops to cut costs and reduce waste

michael-garrett2.jpgSecurity is changing. Ten years ago we used to worry about worms and viruses. As a result enterprises focused on perimeter defense. But high profile security incidents like the Target breach exploit internal weaknesses. Security now must cover more extensive ground—and as it does so it overlaps with territory covered by IT operations.

 

This new vulnerability is worrisome—especially if you’re the one trying to protect sensitive corporate data. But it also presents an opportunity for IT to cut costs, improve efficiency, and reduce waste. (If you’re concerned about security, come talk to our HP Software Professional Services experts at HP Protect.)

Search
Showing results for 
Search instead for 
Do you mean 
About the Author(s)
  • Alec Wagner is a longtime writer & editor, enterprise IT insider, and (generally) fearless digital nomad.
  • Lending 20 years of IT market expertise across 5 continents, for defining moments as an innovation adoption change agent.
  • This account is for guest bloggers. The blog post will identify the blogger.
  • I'm the community manager for Discover Performance and have been a writer/editor in the technology field for several years.
  • Mike has been with HP for 30 years. Half of that time was in R&D, mainly as an architect. The other 15 years has been spent in product management, product marketing, and now, solution marketing. .
  • Paul Muller leads the global IT management evangelist team within the Software business at HP. In this role, Muller heads the team responsible for fostering HP’s participation in the IT management community, contributing to and communicating best-practice in helping IT perform better.
  • Rafael Brugnini (Rafa) serves as VP of EMEA & APJ for HP Software. Joining in 1996 and has more than 20 years of knowledge and experience linked to HP. He resides in Madrid with his wife and family, and in his spare time he enjoys windsurfing.
  • Evangelist for IT Financial Management (ITFM), IT Governance and IT Portfolio Management, consulting IT organisations for Close to 15 years on principles of good governance.
  • Chief of Staff for Software & Information Management IT at HP, driving business and IT initiatives, as well as executive, employee, and customer communications and management of change for the CIO of HP Software.
HP Blog

HP Software Solutions Blog

Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.