Subscribe

Digital era complicates cyber security

Lauren Kate Rawlins
By Lauren Kate Rawlins, ITWeb digital and innovation contributor.
Las Vegas, 06 May 2015
Security analytics will be critical to cyber security systems as the third platform infrastructure era enters the critical "innovation stage".
Security analytics will be critical to cyber security systems as the third platform infrastructure era enters the critical "innovation stage".

Data is a source of revenue for many companies and information security needs to be a top concern.

However, the process of protection is more complicated and very different to the static firewall of the platform-two infrastructure era.

IT research company International Data Corporation (IDC) identified the third platform as an area of innovation and growth in 2007, defining it as technology built on the pillars of mobile computing, cloud services, big data and analytics, and social networking.

IDC predicted the third platform would eventually become the new core of ICT market growth. Last year, IDC released a report detailing the company's predictions for 2015. "In 2015, the third platform will account for one-third of global ICT spending and 100% of spending growth," said Frank Gens, senior VP and chief analyst at IDC, who believes, over the next few years, the third platform will go through the critical innovation stage.

The security industry is changing dramatically and drastically because of third platform technologies, said David Goulden, CEO of EMC Information Infrastructure, speaking at EMC World 2015 in Las Vegas this week.

"If I can compare and contrast second platform applications, they were relatively static systems and that is where things like firewall and anti-virus software came up. Typically, the applications were used within the enterprises and therefore security challenges were more manageable."

Goulden says, with the third platform "the apps are often connected to all employees, all partners and anybody else who wants to come into the enterprise via a smartphone".

This raises a lot of challenges; two of the main ones both concerning big data.

1. Businesses need to securely authenticate people coming into its network based on who they are and what they do.

ITWeb Security Summit 2015

The 10th annual infosec event from ITWeb is a 'must-attend' for every IT and security professional and senior manager with business and information management responsibilities. Click here to register.

"You don't want to put up a 19 question-answer form for everyone coming into the network; you want the software to detect they are someone that is recognisable and then only a password is asked," said Goulden. "If that person then happens to log on from a different country five minutes later, it is probably not them and you want to detect this and ask more questions." Advanced identity management can be used to solve this problem.

2. Identification of anomalies occurring in real-time in a network.

Goulden said, in the third platform, "you cannot keep the adversary out; you have to assume that people who want to do bad things to your business have found a way in already".

He noted security analytics can be used to solve this problem by not only looking at behaviour but packaging and checking data going through the organisation in real-time.

(Lauren Kate Rawlins is in Las Vegas courtesy of EMC.)

Share