[BreachExchange] How to choose the right security solution for your business

Inga Goddijn inga at riskbasedsecurity.com
Wed May 4 21:16:51 EDT 2016


http://www.cbronline.com/news/cybersecurity/business/how-to-choose-the-right-security-solution-for-your-business-4883429

Last year, it seemed like we couldn't get through a single week without
hearing about yet another data loss. Breaches like TalkTalk and Ashley
Madison
<http://www.cbronline.com/news/cybersecurity/data/ashley-madison-hack-5-experts-measure-the-infidelity-of-the-data-dump-4650934>,
increases in insider threats, both accidental and malicious, and the rise of
BYOD and remote working as the new normal have all combined to create the
perfect security storm for every organisation that holds data.

As a consequence, the security technology market has grown, and continues
to grow and evolve, in response to these new threats. The worldwide cyber
security market is set to hit $101bn in 2018 according to Gartner. With a
market that large and the slew of solutions available, choosing the right
security solution can be as confusing as the variety of threats
organisations now face.

So what are the key questions organisations should ask when deciding on new
security technologies?

1. Are you expecting to grow, expand, merge or acquire?

Almost all organisations, and especially IT departments, are tasked with
doing more with less, so costs will always need to be considered. It's
important, though, not to consider them in isolation or without thinking
ahead. Every organisation will be different, but if you can think about what
you need right now and what you will need in the short and medium term, you
can avoid some unexpected issues, and costs.

For example, if you're a small start-up that is likely to quadruple in size
in a year
<http://www.cbronline.com/news/verticals/finance/has-market-consolidation-killed-vc-investment-in-cyber-security-startups-4876842>,
you need to think about whether a potential security technology scales and,
if it does, what the cost looks like at scale. Many small businesses
opt for software rather than hardware solutions, but buying additional
licenses, for example, can be an expensive business, so providers who offer
scalability and flexibility in terms of switching tariffs etc. can be worth
a small premium at the outset.

Most cloud and XaaS solutions offer great scalability and are often cheaper
than on-premise solutions, but you need to consider the security
implications, and indeed the security record, of your solutions provider.
Complete the due diligence of investigating what security provisions they
have themselves, as well as what backup and disaster recovery might be
offered as part of that cloud security solution.

In addition, if you're likely to be acquired, to acquire, or to merge with
another company, you might favour open technology that's more compatible
with other systems you may need to integrate with at a later date.

2. Do you have a remote workforce?

Employees now expect to be able to access information from anywhere,
anytime and from any device. So much so that BYOD has now become the norm.
But even without the challenges of BYOD, organisations will always have
senior team members who travel and are expected to work while they do so,
and IT teams will need to give them remote access to systems and secure any
data on their mobile devices.

There are two key considerations around securing remote workers. Firstly,
you need to ensure that remote access to data on your network is
secure. For this you'll need some sort of Network Access Control (NAC)
solution. Secondly, you'll need to secure any data stored on a mobile
device, because mobile devices by their very nature present a huge data loss
risk: the devices themselves can be lost or stolen. To combat
losing the data on these devices, there are geo-location technologies that
will track the device, technologies that can disable or wipe the data
remotely and, of course, there are also encryption technologies to consider.

3. Do you have offices in different locations?

Many companies have more than one location and as such, they need to
consider how information is going to be accessed and shared among those
locations. The main decision here is whether to operate a 'mother ship'
approach whereby the servers and databases reside at one location and all
other locations connect to this either through a WAN or a Virtual Private
Network (VPN)
<http://www.cbronline.com/news/telecoms/network/top-5-vpn-services-of-2015-4636634>
or to go with a fully cloud based approach.

There are still security risks with the cloud, but not necessarily more than
the on-premise risks, and there can be considerable cost savings against the
often huge CapEx associated with on-premise hardware. Of course, there are
also firewalls to consider, and how solutions like anti-virus will be
managed depends on which approach is chosen.

4. What kind of regulations do you need to consider?

Depending on your location and industry, there may be strict compliance
regulations that you need to adhere to, and these could impact exactly which
security solutions you choose. There are always compliance requirements and
regulations in sectors like banking, insurance, law etc.; there is the HIPAA
Act that protects the privacy and security of health information in the US;
and in Europe, the EU GDPR
<https://en.wikipedia.org/wiki/General_Data_Protection_Regulation> will
come into force in just two years' time, bringing fines to the tune of
4% of global annual turnover for data security breaches.

It's imperative that any organisation does its due diligence not only on
the regulations within its own industry, now and in the near future, but
also on the regulations within the industries it might wish to supply to.
Otherwise, the benefits and features of the security solution you choose
could become irrelevant very quickly.

5. Will one solution do or do I need a combination?

You should consider what exactly you need to protect and not be afraid of
using more than one provider. To use the example of securing remote workers
above, there's no point securing your network if you're not also going to
secure any mobile devices that connect to it. You might find one provider
to secure both, or two that specialise in each; either is perfectly
acceptable as a strategy. You just need to understand how they will
interact and ensure you're not giving the IT department double the work.

Security is a complicated and ever-expanding business and, realistically,
it's unlikely that you will find just one provider that will look after all
your firewalls, antivirus, mobile, network access, and backup and disaster
recovery solutions. Consultancies and managed service providers can help,
either by advising which solutions can work together or by taking most of
the resourcing burden away altogether, offering outsourced security
management with SLAs.

Once you have security technologies in place, there will be onboarding, and
there should be ongoing educational activity so that all employees
understand their responsibilities in using the security solutions correctly
and handling data carefully to avoid breaches.

But, before everything, before you even google 'security solutions',
there's a lot of upfront thinking to be done and a lot of questions to be
asked before you're really in a position to make an informed decision about
what you need.