Today, we are at war with increasingly advanced attackers. We are up against different adversaries - a marketplace of adversaries who are advanced, organised and specialised. And they share their intelligence better than we do.
Any attack has a life cycle. First, the target is researched, both individuals and the organisation. Next is infiltration, where cyber criminals break in and get a foothold. Once in, it's about discovery - they expand their foothold, capturing information and assets. Finally, they exfiltrate the data.
Jacob West, CTO of HP's Enterprise Security Products and HPSR lead, says the best way to combat this is by educating users and using counter-intelligence. "Find out who they are, and what techniques they are using."
Secondly, stop access as far as possible, he says. "Prevent them from getting in, but don't focus all your assets on this."
He also advises that, to reverse 80% of the problem, get 20% of the investment paradigm. "Focus a lot more on identifying the adversary, and importantly, decrease the window of discovery from 243 days, on average, to a matter of minutes."
West says response planning is also key. "You will be breached. Prepare for when you are."
Actionable information
With this in mind, earlier this year, HP formed HP Security Research (HPSR), a group that aims to provide actionable security intelligence through published reports, briefings, industry collaboration and security blogs.
According to West, HPSR is leading HP's security research agenda, leveraging existing HP research groups, including ArcSite, Fortify and TippingPoint, to focus on vulnerability discovery and analysis, and will also manage the Zero Day Initiative, a 'bug bounty' programme that focuses on identifying zero-day vulnerabilities.
West says today's businesses need to share intelligence to effectively prevent, detect and mitigate against the growing number of increasingly sophisticated threats.
HPSR is helping the industry to address these threats by sharing information and remediation, publishing reports, and offering access to a global network of security experts.
Share
