Defining Your IT Security Plan to Meet the Threats of Tomorrow

Right now, as you are reading this sentence, cyber criminals are attacking organizations worldwide. And these attacks are becoming more sophisticated and successful—proliferating in both volume and variety. This deluge in volume, severity, and type of attack is forcing many CIOs and CISOs to rethink their IT security plan and strategies.

“The assumption has to be that not only will you be attacked, but that some attacks will be successful,” says Tom Ordahl, the Chief Strategy Officer for Landoor Associates. “Planning has to begin from there.” But despite the recognition of this threat and the need to define a coherent strategy to defend against it, many organizations are divided in their IT security plan.

The Boardroom Divide

Several previous articles on Radius have discussed why firms are finding it difficult to respond to cyber attackers. The foundation for this series is the recent global survey by The Economist Intelligence Unit (EIU), sponsored by VMware. The first article in the series, “The Great Divide,” highlights one of the key findings from the EIU survey—a fundamental disconnect in corporate boardrooms worldwide regarding the seriousness of cyber threats.

Subsequent articles in the series targeted different findings from the EIU survey, including the one area in which business executives and security executives agree—the top three cyber threats faced by firms today; the differences of opinion about the impact cyber security has on business innovation and efficiencies; and the fact that the time has come for a more strategic, architectural approach to security.

This final article in the series explores the steps involved in defining a new, strategic plan for cyber security. After all, every company must plan for an attack that is imminent. “Companies have to plan ahead for managing the attack,” says Ordahl. “You don’t want to be figuring out how to manage your response in the middle of a crisis.”

Here are three steps for building your IT security plan:

Step 1: Prioritize Your Defenses

Most companies acknowledge that they cannot defend everything. Therefore, the first step in defining a new security plan is to prioritize your company’s defenses, allocating resources and funding to protect the firm’s most valuable assets. To succeed, this requires the C-suite and security leaders to get in sync with each other. The disconnect between the two sets of leaders also reveals a fundamental communications problem.

Security professionals, concerned that they are perceived as always being the bearers of bad news, tend to filter out negative information when communicating with C-suite executives. And yet, C-suite executives often tune out their security leaders when the conversation gets too technical or granular in its product specificity.

For both sides of the boardroom to come into alignment around a new security plan, it is crucial that both sets of executives re-think how they communicate with each other.

Step 2: Implement a New, Strategic Security Architecture

The next and most important step is to implement a flexible, architecture-based defense that, once a breach takes place, automatically identifies, mitigates, and contains the attack—without even having to notify IT. VMware NSX network virtualization offers organizations the foundation for the comprehensive security architecture they need to defend themselves against the growing number and types of cyber threats. NSX offers organizations the alignment and ubiquity needed for a true security architecture that defends across compute, network, storage, and even clouds.

Micro-segmentation, made possible by VMware NSX, not only enables a comprehensive security architecture, but also adds tremendous operational agility. It allows security policies to be automatically applied when an app is added (“spun up”), moved when a virtual machine (VM) is migrated, and removed when the app is decommissioned. This brings a level of security that, prior to NSX, was prohibitively expensive and complex.  

Step 3: Put a Crisis Management Plan in Place

The final step in defining a successful security strategy is to ensure that a crisis management plan is in place. It should be a plan that assumes the worst—that significant customer assets have been compromised.

Micro-segmentation with VMware NSX offers the technology to contain and control a cyber attack while also offering unprecedented visibility to target the attacker. But it is critical that the security team communicates these capabilities to the rest of the organization, to demonstrate that it is handling the attack in an orderly, structured, and ultimately successful way.

It is also important for firms to come clean and disclose the full extent of a breach to their customers and regulators. By being as transparent as possible, firms avoid the accusation of trying to conceal a data breach. Then, by speaking about the unique capabilities of VMware NSX, the firm is also able to take control of the public dialogue about the breach, and show it will fix the problem and better protect the firm in the future.

Define Your IT Security Plan

Although cyber attacks are escalating worldwide, the good news is that VMware NSX offers the foundation for the strategic, architectural approach that firms need to usher in a new, far more efficient and cost-effective security strategy. It is what companies need to define a new security plan to meet the known cyber threats of today, and the unknown threats of tomorrow.