Six Pre-Requisites for the New Wave of Enterprise IT Security Solutions
Given that IT security is a $60 billion market, you might think that we have robust solutions for keeping enterprise networks and data protected. But you’d be wrong. In reality, more than 1 in 5 enterprises—and likely more—have been compromised. In the past few years, the number of cyber-breaches and the sophistication of the attacks have increased dramatically. Every day, 250,000 new pieces of malicious code are detected, designed to steal data and money, or deliver more sinister payloads by attacking infrastructure. Today’s security solutions have not kept pace.
It’s a major reason why cybersecurity has received more attention in Washington than ever before. President Obama included the issue as a pillar of his State of the Union address this year, and followed that by signing a cybersecurity executive order that spawned whispers of pending comprehensive legislation on a national scale. A Senate survey of top U.S. chief executives recently confirmed that several Fortune 500 companies are prepared to back an initiative by the federal government to create cybersecurity standards to protect them, so long as participation remains voluntary.
But voluntarily or not, some notable high-profile organizations have been victims of large-scale cyberattacks in the past few years, including the New York Times, Lockheed Martin, and even NASA. These organizations did not drop the ball; in fact, by many standard measures they were using good industry practices. But those standards are just not enough to protect them from today’s threats.
Clearly, new solutions are needed, as well as a fresh approach to IT security.
In my view, the next generation of cybersecurity solutions must:
- Operate under the assumption that any competent hacker can get past the perimeter defenses and go undetected by traditional security layers. Existing solutions are insufficient to stop modern sophisticated attacks. Being secure will again require new investments, and the cost of stolen data or of a network or service being taken down is only rising.
- Be able to monitor and prevent malicious code or activity without impacting regular business. For most companies, security that impacts daily business is too expensive and will not be well-received. They will look for a solution that invisibly fixes threats and improves performance when corporate security is threatened.
- Function at the operating-system level to detect rootkits and other deeply hidden malware. A rootkit is code that burrows into the OS kernel and today often runs undetected. Solutions offering more visibility at the OS level are the kind of innovative IT security approach needed to defend against modern malware available on the black market today.
- Be able to track behavior over time, as many advanced persistent threats (APTs) lie dormant for days, weeks, even months. The New York Times was targeted by this kind of attack, typically a long-term pattern of sophisticated hacking attempts aimed at governments and companies. Chinese hackers had attacked the Times for at least four months, the company reported in January. New solutions must build and manage a security infrastructure capable of discovering, containing, and responding to advanced threats.
- Adapt to exploit techniques that have yet to be invented or used. Our former portfolio company Fidelis (acquired by General Dynamics) has been lauded for its XPS Advanced Threat Defense products that allow organizations to discover and eradicate threats in real time. Solutions will need to be flexible and creative enough to detect new variants and yet-to-be-invented methods of attack.
- Be usable by regular IT folks, not just those with advanced IT security knowledge. Not all companies can afford their own highly certified data security team, but all need to be able to protect their networks and data. Solutions should simplify the tasks that consume time and resources, helping both users and IT to keep working.
We are living in a time of unprecedented cyberattacks on government, on business, and at home. Rapid adoption of BYOD and the cloud has provided new vectors of attack for the “bad guys,” and security requirements have increased dramatically. New IT security solutions must secure corporate networks from within and protect against new kinds of threats, but also must be usable by typical IT administrators. It’s a difficult balance to achieve, but the current threat landscape demands it. It is also an opportunity for new, innovative thinkers.