As an industry, we’ve built some amazing technologies that provide defense in depth across our perimeters, networks and endpoints. We’ve created some pretty amazing tools that are able to analyze, correlate and process massive amounts of data that could indicate malicious activity. But it occurred to me that even with the most robust defenses in the world, our hyper focus on prevention and threat detection have caused us to lose sight of what it is we are defending. Our data–our intellectual property–is what drives our companies forward and provides valuable products or services to our customers.
Those of us that have been in the security space for any length of time have seen the threat landscape change rapidly. Security practitioners and the vendors that build tools to support them also have evolved dramatically. Security teams are building impressive layered defenses, as evidenced by the dramatic growth in the number security solution providers. I recently returned from the RSA Conference and, even though I’ve been going for over a decade, I’m still amazed every year by the number of new vendors that continue to pop up. There are now more than 1,600 security companies in the market, according to Zulfikar Ramzan, CTO of RSA Security. Ramzan also stated that one of RSA’s customers is using 84 different security vendors–yes, 84! He goes on to say that number really isn’t uncommon.
Don’t focus on threats at the expense of what’s being threatened: your data
All of these solutions do a pretty good job of understanding the particular threats they are focused on. They effectively work to detect, deny or disrupt those threats across your perimeter, inside your network or on your endpoints. But ironically enough, the tools themselves don’t have the needed visibility into what they are protecting.
And what they are protecting is the whole point: it’s the data–your company’s intellectual property, the very ideas that make your company valuable. Deloitte found that 80 percent of a company’s value is in its intellectual assets.
When it comes to protecting your data, knowledge is power
We need to do more than just stop as many threats as we can. We need to understand our data and recognize that it is the lifeblood of our companies. It is critical to know where our data is, who has it, where it is moving to and from and exactly what information is moving. No matter how complex our security posture is (and possibly because of that complexity) threats will always get through. So, we need to include data-level visibility in our security planning and tool portfolio. Data-level visibility gives us proper insight into exactly what is happening with our data, so we can be smarter about protecting it. This visibility will be a powerful complement to the rest of our security toolsets, helping to more easily detect, investigate and rapidly recover from malicious incidents.
Knowledge is power. Knowing exactly where the most important information lives and moves is a critical step in fully protecting the most valuable assets we have: our ideas.
Forrester’s Mitigating Insider Threats: The Security Playbook