The Converging Security Landscape

May 26, 2005

Gregg Mastoras

As businesses are buffeted by multiple security threats, today's CIOs face the constant problem of trying to protect their networks from the "hot problem" of the day while still maintaining control of their systems and their sanity.

The message is clear: Businesses must increase their efforts to protect their resources, reputations and relationships with customers and vendors. How? Implement a multi-tier security model in addition to rolling out best practices for end-users to thwart threats, vulnerabilities and beyond.

What makes this job even more confusing is that as CIOs are inundated with new security threats, they must also try to separate what security vendors warn about from the real and present dangers to their networks.

Pinpointing the vulnerabilities and addressing the problems is not an easy task. For instance, CIOs are now finding themselves held responsible for understanding, addressing and meeting compliance regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act and many others.

It's a balancing act for today's CIO, who needs to cover a very broad spectrum of security and other information technologies, and must do so accurately, within budget and on time.

Threat Convergence

One very obvious example of this escalating issue is the convergence of viruses and spam.

For some time now, we've seen a high level of cooperation within this underground community, which has increased the volume of spam that businesses receive. The influx of spam potentially represents serious security and resource risks such as overloading systems, clogging mailboxes, reducing productivity, defrauding recipients, and draining morale.

The security threat from spam has increased exponentially as spammers have begun carrying out increasingly aggressive attacks, while malicious threats have increased in volume, complexity and speed -- spreading between business networks within seconds.

Why have spammers, virus writers and hackers joined forces? To make money quickly and as stealthily as possible. Their goal is to go undetected by security radar, which makes it that much more challenging for businesses to protect their networks.

Spammers are increasingly leveraging a growing support network to acquire the specialized tools and services needed to make spamming more effective. Virus writers and hackers supply the infrastructure needed to deliver spam, spammer services supply specialized skills and resources, and spamming software coordinates spammer services and manages campaigns.

A Multi-tiered Approach

The average end user has easy access to the Internet and that offers abundant benefits to businesses in productivity, connectivity and new applications.

However, giving end users this level of access has also created a number of vulnerabilities. With the complicated nature of today's IT infrastructure and the complexity of rapidly evolving new threats, vulnerabilities have increased even further.

Without question, there are certain elements that are integral to every organization. But with operating system vulnerabilities being discovered and exploited more frequently and quickly, new viruses and worms spreading faster, and the threat from hackers ever increasing, some businesses are choosing to add client firewalls on desktops and laptops as an extremely important component of the overall security arsenal.

Businesses are also implementing formal systems to patch against vulnerabilities, and equipping IT departments with the resources to manage these procedures.

Beyond the basic security needs, there isn't a network security blueprint applicable to all businesses, so cutting through what security vendors claim as a "must have" can be somewhat of a daunting task.

CIOs are inundated with dozens of security vendor marketing materials delivering various claims as to how to fully bulletproof the network and beyond (and that probably includes us) but ultimately the decision is an individual one.

It's become a challenge for CIOs to reduce administration and integration costs while maintaining accuracy and stability. Recognizing the severity of internal and external threats and striking the balance between best of breed versus unified solutions also fits into the equation.

In addition to the technology, however, there's one other thing that CIOs can do for a little security peace of mind. Implementing a best-practice policy regarding email account usage for employees is an effective tool for minimizing what comes into your network and conversely, what goes out.

Educating end users serves as a significant line of defense against unwanted email, possible infection to your network and potential infection to those outside your organization. Most human resource departments are equipped to help introduce and enforce best practices and policies.

The bottom line is that a CIO needs to take a step back from all the hype to really evaluate his or her network. Only the CIO -- not the media, not vendors, not analysts -- can really know what security solutions work within their business and how to effectively blend them to work in parallel with other systems. There is no time and most likely limited budget for unnecessary frills.

Gregg Mastoras is a senior security analyst with Sophos, an enterprise-class anti-virus, anti-spam vendor with offices worldwide.

