A couple of years ago, the rash of misplaced corporate laptops and stolen back-up
storage devices caused a knee-jerk rush of enterprises to encrypt tapes and laptops.
Then there were numerous database breaches, and the immediate reaction from the
business world was to encrypt at the database level and implement more intrusion
prevention systems.
Now enter the TJ Maxx (TJX) data breach. According to initial reports, this
data was breached over a long period of time without anyone (or any system)
noticing. The lesson here is not to simply deploy more access control, more
intrusion detection systems, or even more encryption, but rather that security
technology by itself isn't enough. It is about taking a less reactionary approach
to information security. The fact is that by continuing this reactive approach
to security, organizations are guaranteed that the hackers will always be one
step ahead, as they will always find the weakest link in the network security
chain.
The answer is to step back and take a more strategic approach to IT risk management
and be sure that the selected technology isn't chosen and deployed in a haphazard
manner. Reactive IT deployment can lead to tremendous inefficiencies and management
headaches. In reality, most organizations already have a decent security infrastructure.
What is needed is a security information management system that can not only
get the most out of these technologies, but can also integrate vulnerability,
log management, configuration, asset, and performance data.
All technology vendors claim to offer solutions, but let's face it: if it doesn't
solve a problem, it isn't a solution. A true risk management solution provides
the ability to simplify operations, support compliance initiatives, reduce cost
and minimize risk, and anything short of this is just technology for the sake
of it.
NOC and SOC Collaboration or Simply Co-Existence
After years of operating in separate silos, recently there has been a realization
that security is part of network operations. And to that end, currently there
is a lot of talk of the NOC (network operations center) and the SOC (security
operations center) needing to better collaborate. But the reality is that it
isn't just about getting the speeds and feeds (network) department to work hand
in hand with the security folks; it is about a higher-level strategic view
of information technology and risk management. This co-existence / collaboration
is being taken out of the hands of these departments and increasingly being
elevated to a C-level issue.