Discover Performance Blog

Welcome to the Discover Performance blog, a resource for enterprise IT leaders who share a passion for performing better. Here you’ll find strategic insights and best practices from your peers as well as from HP’s own practitioners who help others define, measure and achieve better IT performances.

For additional in-depth articles on critical topics for IT executives, visit  http://hpsw.co/b7NWj4e

Slow-moving attacks are hard to detect. How can you take action before it’s too late?

adversary ecosystem.JPG 

By Gerben Verstraete

 

Most security tools today are still in their infancy, focused on what’s happening now while the cyber-criminals have evolved in the way they operate. Most tool sets are very good at spotting intruders trying to get through the firewall or trying to execute a cross-site script in an application. But they aren’t designed to pinpoint attacks that take place over the course of weeks or months. Detecting these slow-moving threats calls for tools that can analyze massive quantities of data and then visualize that data to reveal trends. To figure out what’s going on, you need to look at data streams and find the outliers.

 

For example, we’re working with a manufacturer on statistics and visual modeling of trends over time. First we have them establish a baseline and understand what normal traffic looks like. Then they can see where deviations are.

 

According to a recent Ponemon Institute cyber crime study, the average annual cost of a data breach in the U.S. is $11.56 million. And, the time it takes to resolve an incident has increased by 130 percent over the past four years. You need big data to uncover these attacks, because the machine data you’re dealing with is so huge you’re never going to see the patterns without it.

Are turf wars wasting your money and jeopardizing enterprise security?

HP20140317152-city.jpgBy Gerben Verstraete

 

Cyber attacks have shifted from denial of service events to the theft of corporate data and intellectual property. This means that organizations need to move from traditional, non-dynamic policy-based frameworks to actively finding threats and protecting their data. To achieve this in the most cost-effective way, security and IT operations need to overcome turf wars and share information and processes One of my customers, a financial institution, has been struggling to clear this organizational hurdle. Only a top-down mandate for the departments to collaborate has enabled them to move toward converged security.

 

I've written previously about the advantages of converged security. As much as an enterprise may recognize those advantages, though, the problem is you're still dealing with two totally different authorities: Security and Operations. And often when it comes to transforming culture and changing the way people work, people just don't want to share. So making converged security a reality really becomes a Management of Organizational Change issue. 

IT execs: Integrate security and Ops to cut costs and reduce waste

michael-garrett2.jpgSecurity is changing. Ten years ago we used to worry about worms and viruses. As a result enterprises focused on perimeter defense. But high profile security incidents like the Target breach exploit internal weaknesses. Security now must cover more extensive ground—and as it does so it overlaps with territory covered by IT operations.

 

This new vulnerability is worrisome—especially if you’re the one trying to protect sensitive corporate data. But it also presents an opportunity for IT to cut costs, improve efficiency, and reduce waste. (If you’re concerned about security, come talk to our HP Software Professional Services experts at HP Protect.)

Search
Showing results for 
Search instead for 
Do you mean 
Featured


Follow Us
Labels
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.