With the emergence and rapid rise of cloud, mobility and social media, information security has been put through its paces recent years. But it will likely take more than a conglomeration of advanced solutions to rein it in and keep it all under control.
Instead, it will likely require detailed assessment, comprehensive strategy and effective risk management to tie it altogether, according to RSA Inc., the security division of EMC Corp. Establishing strategy is also where the channel will likely be able to make the biggest dent with these emerging technologies.
An RSA report, released in tandem with the Security for Business Innovation Council, and titled “Information Security Shake-Up: Disruptive Innovations to Test Security’s Mettle in 2013,” addresses just that. Specifically, the report assesses how disruptive technologies such as Big Data analytics, cloud, mobility and social media impact IT and how security strategies should be implemented in order to securely assimilate new technology trends.
Altogether, the report outlines four main strategies –related to cloud, social media, mobility and Big Data respectively — targeting enterprises adapting information security programs over the next 12 months.
Here is a quick summary:
- The Cloud: The rapid adoption of cloud brings security concerns front and center. In order to remain secure and keep systems compliant, enterprises should find a way to evaluate providers’ security controls.
- Social Media: Security teams need to implement comprehensive and effective security controls to manage risk, and if they can, establish a multidisciplinary team governing the process.
- Mobile: Rapid adoption of mobile platforms has forced security teams to step up their game in order to manage risk and protect data. As such, they’ll need to build comprehensive BYOD strategies that assume the endpoint is not secure.
- Big Data: The inherent value of Big Data requires security teams to build out multi-year plans to progress their security model, which will ultimately enable security teams to leverage Big Data to more effectively to detect security threats. That means security teams will also need to be involved with Big Data strategies out the gate in order understand those risk and develop strategies to mitigate them.
“Information security must evolve in 2013 from reactive perimeter and signature-based approaches, to risk-based programs that protect the most important business assets in whatever context they may exist – cloud, mobile, or traditional data center,” said Eddie Schwartz, chief security officer for RSA, the security division of EMC. To succeed security leaders must invest in intelligence-driven strategies that harness the power of Big Data analytics and agile decision support.”
The report doesn’t detail anything that security solution providers haven’t heard before. It’s old news that disruptive technologies have opened new threat vectors and create new threats that exposes sensitive data. And that’s not about to change any time soon.
However, the report does provide some insight into how RSA will treat these technologies going forward. To that end, the report represents a tangible roadmap that underscores RSA’s future investments in intelligence-based and data-centric solutions going forward. If nothing else, that gives RSA partners a better understanding of where to place their energies with the Massachusetts-based data protection firm.
Among other things, the report reaffirms an increasing need for solution providers to ramp up security threat and risk assessments, as well as consulting services around Big Data strategy. It also calls out the fact that while solution providers will likely need to dive deeper with Big Data and intelligence-based data protection solutions, those solutions will almost certainly need to be bolstered with a portfolio of related, high-margin services that will allow solution providers to better compete in Big Data markets.
In recent months, RSA has let it be known that it plans on securing itself in Big Data and intelligence technology markets.
In November, RSA partnered with security firm FireEye, Inc. in a threat monitoring service that leverages newly implemented analytic capabilities to better nab attacks.
In September, RSA issued a brief providing guidance on how government and other organizations can leverage Big Data to transform Security Information and Event Management (SIEM) into a solution that more effectively detects and eradicates advanced threats.
Previously, RSA has set the stage for impending solutions by issuing a host of resources and data. Now, over the next year, it’s likely that solution providers will be waiting to see what actually emerges.
Leave a Reply