Network, endpoint, data security must be synchronised
For decades, the security industry has been treating network security, endpoint security, and data security as completely different entities," said Varun Parikh, the security tech lead at Sophos.
Speaking at the ITWeb Security Summit 2017 yesterday, Parikh said the ever more complex cybersecurity threats require a sophisticated, synchronised approach that integrates multiple solutions.
He used the analogy of securing a building with three security guards - one outside the front door, one inside, and one in front of your safe - but not allowing them to talk to each other. "As threats get more complex, and IT resources continue to be stretched, it's no longer possible to maintain this approach without compromising the protection."
Therefore, a synchronised approach is needed, which in terms of IT security is relatively new: network security systems are synchronised to provide automated correlation, threat discovery and incident response in seconds, simplifying management and enabling faster decision-making.
Today's threats are not as simple as they were ten years ago and a shortage of cybersecurity-skilled professionals compounds the problem, he added.
No one solution will ever be a complete solution, conclude Parikh. "Relying on only one is like relying on only one type of weapon to win a war - threats need to be tackled from all angles, in a coordinated way."