Phillip Miller, Head of Infrastructure & CISO, Brooks Brothers
“When choosing technologies for your security stack,
a fundamental criteria should be the availability of
- Effectively collecting and correlating all that data depends on interoperability in your security stack, and interoperability comes
from open APIs.
- An agent-based endpoint security system allows you to see where people are going, whether the protocols they’re using are encrypted, whether the usage patterns off-network are different from the usage patterns on-network, and if those patterns change.
“When building out your stack to improve incident detection, your analytical capabilities must be scalable to your worst data day.”
Before even thinking about optimizing or upgrading a security stack, an organization needs to have a solid roadmap that identifies current technological and process weaknesses. This becomes the basis for a plan to upgrade the tech stack driven by intelligent decision-making rather than a feckless pursuit of the latest gadgets.
Most organizations focus on key security strategies that include network controls, identity management, and data access management. That becomes a challenge in today’s perimeterless
environments. Now it’s necessary to think about how you are going to secure data that resides with external service providers, data that is accessed by devices the company does not own, and ways to secure an environment marked by associates working in your organization who never touch a corporate-controlled perimeter. In this environment, security strategy shifts away from prevention and shifts toward a more proactive strategy of immediately seeing when people have done something incorrect. This enables you to identify weak spots quickly and close them down.
The fuel for proactive security in a perimeterless environment is activity data. That data comes from multiple sources, including security tools and cloud-based services, and processing it requires analytics capabilities. Effectively collecting and correlating all that data depends on interoperability in your security stack, and interoperability comes from open application programming interfaces (APIs). When choosing technologies for your security stack, a fundamental criteria should be the availability of open APIs.
This is an excerpt from 7 Experts on Optimizing Your Security Stack. This series was generously sponsored by Carbon Black.