A Security Practice Needs to Demonstrate Continuous Improvement
- Using predictive threat detection that involves scoring anomaly risk is an key element of active endpoint security.
- Active threat detection requires new skill sets, because you are no longer waiting for something to happen. Teams need to understand the possibilities of events they are seeing.
“Progressive security operations centers need to extend their reach into endpoint devices, including desktops and phones.”
Information sharing is crucial in educational environments, especially higher education, and their networks must support this. Open networks, however, present a special challenge for IT security organizations. “In higher education, we typically have networks that transmit a lot of data very fast,” says Todd Spight, chief information officer (CIO) at Columbia College. “And you find a lot of high-end computers. We attract attackers who are looking for free firepower. So it’s not about just prevention anymore—it’s about detecting, and being able to respond and recover. You have to change your priority from prevention being number one to detection being number one.”