The Gartner IT Security Report 2008 recently showed that businesses continue to spend on security. Encouragingly, the research clearly demonstrated that businesses are only too aware of the increased security risks they potentially face. Companies are truly focused on protecting IT from sophisticated and targeted attacks - which are getting worse.
This can be evidenced by the fact that in 2008, we uncovered that there was more malicious software discovered than in the previous five years combined, and the fact that 80 per cent of all malware is financially motivated.
In the economically challenging times of late, cybercriminals have never been more motivated to attempt to benefit from stealing company data, and as a result data loss and ID theft alone cost companies an estimated $1 trillion each year. McAfee Avert Labs predicts that attacks on businesses could increase by as much as 500 per cent this year.
As the threat environment for businesses has become increasingly complex, organisations have tended to deploy a wide variety of solutions to meet these challenges. According to industry analysts, a large enterprise today can have as many as 200 different security providers.
Having understood the potential security dangers they face, many large enterprises have increased their spending in security and increased the number of security solutions they deploy to cover everything from email security to system and data protection.
Nonetheless, such an array of security solutions from different vendors has created somewhat of a corporate headache, creating significant complexity for security teams.
At the same time, the current recession is forcing many organisations to look at consolidating security solutions providers in an effort to reduce expenses and drive down hardware, software and operational costs.
Faced with the aforementioned security risks, today’s challenging economic conditions and the need to have a robust security solution whilst minimising complexity, has effectively made security a strategic decision.
Security is no longer an operational issue for companies, it is of strategic importance, and not surprisingly companies are beginning to adopt a strategic approach to the development of their security roadmaps, taking them from tactical, threat-driven protection to an optimised security architecture.
Currently, many organisations exist with a baseline level of protection, caused by the lack of integration in their security products. Enterprises need to move towards a more proactive approach in order to achieve an optimised security architecture.
Blueprint for tomorrow’s security architecture
A robust security architecture requires a centralised security management platform which can deliver real-time visibility, multi-layered protection and automated compliance. It requires scalability, usability and integration with systems management tools to ensure more streamlined security operations.
Only by ticking all these boxes and delivering these services, can companies derive the improved security protection they require whilst achieving the cost reductions they deserve. So, when building a security architecture of such strategic importance to the enterprise, what should the blueprint contain?
First and foremost, and bearing in mind the constant increase in security threats to companies, it must be strengthened protection. This requires integration within and between endpoint, network, data and compliance solutions to reduce the security gaps and management complexity.
A centralised security management platform should give companies multi-layered protection and a holistic view of their entire security infrastructure; whilst at the same time allow integration of certified partner products to help the organisation future-proof their security architecture.
Equally important, a centralised security management platform should deliver increased enterprise-wide visibility, allowing the company to manage from a single platform all security policies, and manage all security products from a single source.
The security platform should be able to leverage security data from multiple points across the enterprise, surfacing issues that are not visible using siloed technologies. By having this enterprise-wide visibility, companies can eliminate protection gaps by determining risks in a matter of seconds, prioritised so IT teams can reach quickly and confidently.
This coupled with correlated threat intelligence and real-time visibility into the enterprise-wide security posture should also be part of a company’s security blueprint.
The single view which a centralised security management platform provides avoids the management of multiple point solutions with separate management consoles which is known to increase the operational costs of managing security. Not only will companies have to spend more resources (people and time) to manage security, they will have less coordinated visibility into the security events due to having more management consoles to manage from.
Finally a centralised security management platform should help companies automate compliance. This involves ensuring the security platform can help organisations simplify policy assessment, vulnerability management, remediation and reporting, to achieve and maintain compliance.
The growth of compliance mandates and standards increases the need to automate compliance reporting to prove security measures are in place. Security’s pivotal role in enabling and delivering company-wide compliance will only become ever more important as it can help organisations reduce future IT spending for compliance requirements.
According to Boston-based analyst house Celent, global IT spending associated with governance, operational risk, and compliance (GORC) activities is expected to increase at a CAGR of 6.6% overall, from $1.4 billion in 2008 to $1.7 billion in 2011.
Businesses are looking for a strategic security partner to help consolidate different solutions in order to reduce costs and complexity. A centralised security management platform can optimise and transform the way business approach security, enabling unparalleled protection for the enterprise yet reducing management costs and complexity.
Companies that embrace building a scalable and future-proof architecture for security are effectively empowering themselves to be more agile and to reduce costs with proactive protection.
Mike Smart works for McAfee's Network Security business unit, formerly Secure Computing. Prior McAfee’s acquisition of Secure Computing in 2008, Mike worked at security and infrastructure companies such as Novell, SonicWALL and Proofpoint.