What is your organization protecting?
You know the drill: load balancers and traffic analyzers in place – check, firewalls raised – check, IDS running – check, email attachments analyzed in a sandboxed environment – check, latest malware signatures distributed – check, known vulnerabilities monitored and patched – check, intelligent log file monitoring installed – check, user behavior-based activity monitoring in place – check. This brief non all-encompassing checklist must sound pretty familiar to those of you trying to secure enterprise systems from intrusions and various kinds of cyber attacks.
Along with the rise of APT’s and other sophisticated threats capable of utilizing complex multi-vector attacks, the trends in cyber security have moved slowly away from the simplistic defend the tower and whack-a-mole scenarios. It used to be enough to raise the walls around the enterprise to secure its internals from outsiders, or to keep the AV software’s signatures updated to defend against the latest malware at large. Now the trends have moved more towards increased systemic resilience and self-adapting, intelligent defenses. Nevertheless, we Spartans argue that this welcomed evolution of defenses is just a part of the whole solution.
While we at Sparta Consulting recognize that it is a significant part of total cyber security solution to secure the technology layer from attacks and intrusions, we want to underline the utmost importance of securing the most important asset of any company or organization, the business-critical information. It is after all information that resides in and flows through the enterprise systems, which support and enable people and core processes to make the business to tick.
We evangelize that it is in the best interest of the companies and other organizations to recognize the importance of information for the business on the strategic level, to understand the flows of information within the organization and outside of it, and to evaluate the importance of various kinds of information pieces to people, processes and operational systems and their functioning.
We also preach the importance of understanding and appreciating the risks associated with the loss of information; blocked, intercepted or manipulated information flows; unauthorized access to information assets; and operational friction caused by information sabotage.
Thus the question remains: what is your organization protecting, and whether you have left something critical out of the focus?