Traditional approaches to information security architecture planning don’t work. They take too long, they cost too much, and by the time you understand what needs to be done, the attackers are already inside your organization.
London, ON (PRWEB) March 14, 2013
For the first time, the United States has recognized cyber-attacks as the number one security threat to the nation, posing more danger than Al Qaeda and worries of weapons of mass destruction. According to Info-Tech Research Group, governments have been aware of this risk for a decade or more, but until the recent Mandiant report on Advanced Persistent Threats catalyzed mass media attention, this serious cyber-threat has in many ways been the industry’s dirty, not-so-little secret.
“Traditional approaches to information security architecture planning don’t work. They take too long, they cost too much, and by the time you understand what needs to be done, the attackers are already inside your organization,” says James McCloskey, CISSP, Info-Tech Research Group Senior Consulting Analyst. “The traditional perimeter network security approach is simply insufficient to protect your organization against this new breed of attackers.”
In order to penetrate your organization, sophisticated attackers will use the weakest links in your security infrastructure to initiate attacks. Organizations can only protect against these threats by taking a balanced approach between network security, asset security, and identity security, all based on a strong security governance foundation. In order for organizations to deal with the rapidly evolving nature of these advanced threats and countermeasures, architecture planning must be continuous and agile.
“The number one thing organizations need to do: aggressively prioritize and avoid being purely reactive,” says McCloskey. “Focus on what has the most effective risk reduction benefit without trying to boil the ocean. Understand your top priorities across network, asset, and identity security. Invest in resolving those top priorities, and worry about what comes next “just-in-time”. Remember to stay agile: trying to develop and work from a comprehensive master plan is a luxury that no one can afford.
About Info-Tech Research Group
With a paid membership of over 30,000 worldwide, Info-Tech Research Group (http://www.infotech.com) is the global leader in providing information technology research and analysis to the mid-sized enterprise market. It is North America's fastest growing full-service IT analyst firm.
James McCloskey is available for interviews. To set up an interview or for general media inquiries please contact Carlene McCubbin, Info-Tech Research Group Public Relations Coordinator, at 888-670-8889 ex. 2955, cmccubbin(at)infotech(dot)com, or on Twitter @InfoTechRG.