Most companies do not act fast enough when their data has been lost or leaked from the network, and often they don't know what data has left the network, or that it has left the network at all.
DJ Skillman, director of technical services of Splunk, Europe, Middle East and Africa, explained at the ITWeb Security Summit why it's critical for business to apply a pattern-based strategy to IT security and risk management.
According to Skillman, a pattern-based strategy is a business methodology of continuously monitoring data and user behaviour on the network, in order to predict potential risk and establish what to do if data is lost.
Skillman said business is becoming more complex because of additional supply chains, device connections and complicated IT infrastructure.
He said many companies don't even know when their data has been lost or leaked, and often there is a delay to recognise and act on the problem.
“A pattern-based strategy can also be used for security and can move an organisation from being reactive to being proactive about risk.”
According to Skillman, companies should move their strategy from “seek and respond” to a strategy focused on “seek and act”.
He said companies can do a root cause analysis to determine better ways to address security risk challenges.
“Organisations can use pattern-based thinking to understand the business vision and determine what might cause the business to lose focus and not fulfil its vision.”
Skillman indicated that ways in which an organisation could determine whether information is at risk is to search for failed log-in attempts. Another method to apply pattern-based thinking is to monitor user clicks on a Web site.
“A pattern-based approach should be driven by what keeps CEOs up at night. The risks include the cost to the business in terms of not being able to take orders for a product, loss of revenue, reputation issues and data loss or breach.”
According to Skillman, organisations need to anticipate attacks, look for attack vendors as well as attack patterns.
“It's important for business to be able to adapt. Every company is finding ways to stop security problems, and yet it's the adapting part that we are still trying to get right.”
Share