A non-clairvoyant approach to improving security

  • Predicting security breaches is complicated.

  • Four proactive steps can help reduce risk.

  • AT&T can help you take the right precautions.

Trying to predict when a network or data breach will occur is a complicated task. Lacking the resource of a good soothsayer, you can only see nefarious happenings on an organization’s network once events have begun to affect the hardware and controls that make up our multiple layers of defense. To be proactive, you need to take action before a vulnerability or an active security event has been discovered. So, how can you see into the future, and what proactive cyber defenses should be employed?

Steps to help predict the future

Unless you are a true prophet, you can’t accurately predict the future. However, with predictive security, you can help reduce your operational risk by implementing these four primary activities:

  • Vulnerability reduction
  • Large scale event correlation
  • Social research
  • Basic security best practices (especially patch management and training)

When combined, these actions can help reduce risks to your environment. Therefore, security is proactively improved.

What’s normal?

Large scale event correlation helps you define what’s “normal” for your environment. When you know what patterns are normal, it is easier to identify things that are different. By partnering with AT&T to address your security requirements, you can use the AT&T Security Event & Threat Analysis service to help analyze what is crossing the public Internet to your benefit. When action is taken based on high probability signs, or precursors, of possible attacks, you can proactively stop high risk activities before they start to get out of control.

Not all alerts are created equal

I need to caution you about reacting to items that have minimal potential risk impact. Worst yet, you may become like Chicken Little, screaming that the sky is falling when it is barely raining. Focusing your energy on potential events will burn out your team, cause them to lose focus on critical cyber risks, and reduce credibility with upper management. However, by using social media data analysis in addition to security event analysis, you may see correlations in advance of an actual event, allowing for better prioritization to help reduce risks.

Predictive security, or more honestly stated, aggressive risk reduction, is the result of taking many small steps and analyzing critical data to determine your vulnerabilities, then taking action to reduce the risks discovered. This way, you make a proactive impact to reduce risk to the organization and the critical data within it.

Like the heroes of old, by layering multiple defenses and looking at the signs, you too can help protect your prized possessions from being stolen. Learn how AT&T Managed Security Solutions can help you layer your defenses.

Steve Hurst Managed Security Product Director AT&T About Steve