Businesses must shore up security processes

Businesses across the world are facing an ever-increasing battle to keep their IT systems from being broken into by cyber-criminals and, according to Dr Prescott B Winter, CTO Public Sector for cybersecurity and compliance company ArcSight, no enterprise can ever be fully secure from cyber-attacks, particularly when human error is thrown into the information security mix.

“Nobody is ever going to be 100% secure in this domain, especially if you want to be open, exchange information with customers, do all the things that every company and government enterprise around the world is trying to do. Human error is inevitably part of the picture, that is why you have to be so diligent, you have to go back to inspecting to identify the departures from policy rather that just expecting people to do it right,”  Winter told

Winter identified five key processes that must be undertaken by corporations to render their security systems almost watertight.

The first of the key processes is understanding what the principal business risk issues are and why the enterprise exists.

Corporate security decision makers must know what information assets are most important for that mission, whether it is in a business sense, to sell goods and services, or whether it is in a government sense to execute some kind of government mission as a service.

“So the first question is to get the business risk management issues out on the table and to identify those and identify what has to be protected,” said Winter.

The second key security process is to have a reasonably good understanding of the current attack structures and the nature of the threats so businesses can understand how that set of attack vectors is likely to manifest itself when going after key business assets.

The third key point is that companies must have the right security sensors and instrumentation in the network to detect attack vectors.

“As these attack vectors come in, can I actually see them? Can I see them reliably and confidently and be virtually assured of picking them up when they come inside. These attacks do take time, they are not instantaneous and it takes a long time to introduce this stuff, to get it properly deployed. In most cases you have weeks to months to stop it,” said Winter.

The fourth key process, according to Winter is absolutely essential, and that is to correlate all the security information from a business or enterprise and get a holistic picture of the security landscape within the corporation.

Leave a Reply