IT Briefcase Exclusive Interview: Balancing the IT Security Act with Geoff Webb, NetIQ
November 19, 2012
Featured Interview with Geoff Webb, Director, Solution Strategy, NetIQ
There is no doubt that reaction rate and accessibility both play a major role when businesses are trying to fortify and protect sensitive company information online.
In the interview below, Geoff Webb from NetIQ outlines ways in which organizations can increase the speed with which they react to IT security breaches, and safely gain access to resources and mission-critical applications without putting their enterprise at risk.
- Q. In your opinion, how can businesses today begin to overcome the security challenges that are inevitably being created through the evolution of cloud computing, mobile applications (BYOD), and social media?
A. The first thing they need to recognize is that these trends are not passing fads. The economic and business flexibility benefits of cloud, mobile and social identity are simply too compelling to be ignored. So a degree of acceptance is required – if there was ever a fight over the role of these approaches, it’s been over for a while.
The other important point to recognize is the security challenges that each of these trends brings are really symptoms of a more profound underlying change. Long gone is the era in which a central IT authority controlled the use of business technology. The future looks a lot more democratized, and as a result, perhaps a little more chaotic. So the best thing to do is to take a holistic approach – to think about where security can make a difference to business risk, and to implement policies and controls that align with, and complement, business objectives. In the end, the best way to tackle these problems is to focus on the management of security of data (becoming far more data-centric in security planning) and on identity and access – so that the business can more effectively and securely manage who has access to resources regardless of where they reside or where they are accessed.
Taking this data-centric and identity-centric approach means that ultimately security processes will be built from the ground up to be flexible enough to meet whatever the business throws at it.
- Q. How important is the speed with which companies react to a security breach and what is NetIQ doing to help organizations maximize this reaction time?
A. Despite a lot of spending on security technology over the past decade or so, breaches continue to occur. This isn’t to say that security spend has been wasted, but with enough effort, or sufficient luck, attackers can breach most defenses.
So the question really comes down to this: to what extent can the damage from a breach be reduced? What’s clear from studies of breached organizations is that the speed of detection is critical to reducing the damage that an attacker can cause. Hackers will typically work over a period of time to establish a beachhead within your systems, expand their reach, and target valuable information for theft. However, spotting that attacker early can prevent much of that activity from taking place to begin with.
The best approach, and one that we certainly work with our customers to implement, is to ensure that systems are well protected and correctly configured, to slow down an attacker who wants to expand their beachhead within your network. It’s also crucial to provide as much intelligence as possible to security teams about suspicious activity as it takes place. Monitoring privileged accounts, watching critical systems for unusual activity or changes, and presenting as much *context* around the events and the identity of individuals involved, provides the fastest way to spot an attacker and stop them cold.
- Q. How can NetIQ’s Identity and Access Governance solutions help businesses gain access to resources and mission-critical applications without putting their enterprises at risk?
A. There’s always a balance that businesses have to strike between providing access to services and data, and maintaining control to keep information secure. Business users are now far more involved in the management of those business services than ever before, and they want to take control over who has access to those services and how that access is provided. NetIQ works to deliver solutions that let the business user more easily gain secure access to systems, whether those systems are local or in the cloud.
These solutions enable the business user to quickly integrate new services, to incorporate mobile access, and to operate freely to utilize cloud services to meet their goals.
Customers of our Identity and Access Governance solutions are therefore better able to manage access to these business services, to meet the demands of their auditors and governance stakeholders, and most critically, to do so quickly and easily enough to be able to focus on their role in driving the business, instead of worrying about technology.
- Q. How is NetIQ working to help IT organizations retain some control over securing data, while at the same time allowing business units the freedom to access the information they need to properly expedite their daily tasks?
A. The balance between security and access is particularly challenging when it comes to sensitive data. Whether you are a healthcare organization worried about sensitive medical records, or a retailer concerned with your customers’ credit card data, the task remains the same – make sure that the right people have access when they need it, and at the same time, avoid unauthorized access to prevent a breach that could cost millions of dollars.
The best approach is to focus on the data itself – and on the people who access it. We see the most successful organizations tightly integrating information about identity, access patterns, and events as they occur – in order to provide actionable *intelligence* for their security teams to respond. If, as a business, I can quickly identify when unauthorized activity is taking place, and I can spot that amid the “noise” of normal activity, then I have a much better chance of responding in a timely way to an attack. And that capability gives me the confidence to more fully support and enable my business to adopt new technologies, to utilize new trends like BYOD or cloud, and to aggressively compete – it’s a win for the business and the security teams.
- Q. What do you see as being the biggest IT security challenges that organizations will face over the next 10 years?
A. Over the next several years it’s clear that two trends will continue to collide in potentially harmful ways for the security of organizations.
The first is the decentralization of control over IT – BYOD, cloud, social identity and so on are all accelerating this change. The result is that it’s much more difficult for the security team to maintain visibility over risks resulting from the business technology decisions taken by business managers.
The second trend is that attackers are getting very, very good at what they do. There is a real trend towards the industrialization of threat – attackers are collaborating and sharing data and tools at an unprecedented level, making them far more effective at attacking organizations. They have the tools, the knowledge, and the time to keep looking for weaknesses, and to exploit them ruthlessly when they find them – stealing information, disrupting activity and causing significant and expensive problems.
It’s not hard to see how these two trends – lack of control and visibility, and expanding risk – will cause some serious challenges for businesses and government bodies. Unfortunately there’s no turning back the clock; we have to adapt to the new landscape and get smarter in the ways in which we respond to attacks, as well as faster in aligning to new business initiatives. On the bright side, the security folks we deal with are well trained, highly focused, and more equipped than ever to rise to the challenges of the next decade and beyond.
Geoff Webb has over 20 years of experience in the tech industry and is Director, Solution Strategy at NetIQ. He is responsible for the NetIQ Information Security, Identity and Access and IT Operations Management solutions.
Webb joins NetIQ from Credant Technologies, where he led marketing around their data protection and encryption management solutions. Previously, Webb also served as a senior manager of Product Marketing at NetIQ, and held other management positions at FutureSoft, SurfControl and JSB.
Webb often provides commentary on security and compliance trends, and has written on a number of related topics for such journals and websites as: USA Today, CIO Update, Healthcare IT News, The Tech Herald, Compliance Authority, Virtual Strategy Magazine, TechBlind, Internetnews.com, e-Finance & Payments, Law & Policy, Dark Reading, BankInfoSecurity.com, Payment News and InfoSecurity.com, among others. He holds a combined bachelor of science degree in computer science and prehistoric archaeology from the University of Liverpool.