Technology Evolution: Cyber Security Challenges and Opportunities
World Security Report and Chris Barnett, GDIT
October 2, 2017
Criminals, nation states and insider threats are the principal cyber security challenges. However, organizations must also plan for data growth and technology obsolescence, and provide an information technology (IT) infrastructure and environment that is secure and promotes more efficient and effective mission accomplishment.
The tactics and techniques of transnational criminal organizations and nation state threats are evolving as rapidly as technology. The challenge extends far beyond traditional IT, however. Technical changes – from highly sensorized cities and manufacturing facilities to the enticing benefits of utility computing – are dramatically altering organizations’ information security requirements and the skillsets required to address them. Software complexity opens new avenues for attack, while the explosion of data provides adversaries new places to hide.
Specific defensive products and technologies will come and go, but at General Dynamics IT we believe that the most important ingredient for managing future threats is a focus on our customers’ missions and the decades of experience we have in operating, maintaining and building security into everything we provide. From our experience, we believe there are some general principles that organizations can use to improve security and mission performance.
Make Data Your Friend
It is no secret that adversaries hide in the background noise of an organization’s data. The challenge is particularly acute for many critical infrastructure and manufacturing entities, whose data processing requirements extend well past conventional IT protocols and services. Traditional security tools and analysts are often not adequately equipped or trained to understand specialty device protocols or to construct complex queries to comb through petabytes of information. To address these limitations:
- First, consider breaking down silos so the data is available for search by authorized parties across the enterprise. Your adversaries have few limits on what they can access, so you shouldn’t limit what your security staff can access as a result of arbitrary silos within your organization.
- Second, commit to profiling data flows so irregularities stand out. While heuristic tools to manage risk and detect anomalies have existed for several years, many organizations simply have not committed the investment. Consider establishing a repository of common queries so analysts can pool their knowledge and not have to commit an extraordinary amount of time to execute complex searches.
- Finally, not all event data is equal. Tie data to assets the organization absolutely must protect, enabling rapid understanding of context for the event, as well as the mission or business impact.
Automate the Routine to Enable Effective Hunting