Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

See it, protect it, control it: A roundtable discussion

Alan Shimel | Oct. 3, 2012
Network World recently asked blogger Alan Shimel, co-founder and managing partner of The CISO Group, to host a roundtable discussion with representatives from three sectors of the security community: a practitioner, an analyst and a vendor. The wide-ranging conversation touched on everything from the state of threats today to the failure of risk management, the need to share information and a massive attack suffered by the user.

And learn lessons from people like Kevin who have lived through this. Because if you have not seen the types of attack that Kevin has experienced, you're in deep, deep trouble, because you are experiencing them.

SHIMEL: Adam, your advice?

O'DONNELL: Easy. You can't go and address the threats you are facing nowadays by buying a black box from a security vendor and having them say, "Trust me, we got this." You need technologies that give you visibility into the attacks you're seeing right now, as well as visibility into seemingly innocuous behavior. You need to be on both the host and the network, and you need to be able to tie those two data points together. You also need to have a plan in place that lets you control and address some new attack once it comes in. Because as Kevin said, when D-Day comes and you don't have these tools in place, you're not going to be able to respond.

SHIMEL: Fantastic. And last but not least, Kevin?

KERR: You can't just do one thing. Technology helps, but understanding risk and threats is a big piece because you can't go and buy the latest two zillion dollar tool. You're working in a very hostile environment, and you've got to figure out how to detect [the bad guys], contain them and then stop them from getting stuff out. And be willing to reach out for help when the stuff hits the fan. That was one thing we weren't afraid of and I thank management for backing us on this from a security perspective. We reached out to other national labs, we reached out to industry, and within 24 hours we had 30 people on-site from various entities helping us to figure out what was going on.


Previous Page  1  2  3  4  5  6  7  8 

Sign up for Computerworld eNewsletters.