ORLANDO -- On some level it may seem incongruous to many IT organizations but as security challenges mount, enterprises should take a look at their protection systems and look to simplify them -- not make the more complicated -- to battle hackers.
+More on Network World: Gartner: Get onboard the algorithm train!+
The Risk and Security officer in many enterprises today is mostly concerned with old technology risks. They’ve become obsessed with external hacks, chasing the impossible goal of perfect protection. However, 65% of CEOs say their risk management approach is falling behind, said Peter Sondergaard senior vice president of research withGartner at the consultancy’s Symposium/IT Expo this week.
“You can’t control the hackers. You can control your own infrastructure by using more automation, more outsourcing, and more network-based algorithms. Simplify your systems. We must move away from trying to achieve the impossible perfect protection, and instead invest in detection and response.”
As an example, average malware lies dormant, unnoticed, for more than seven months before it is activated or detected, Sondergaard said. IT leaders must get better at sensing these dormant threats.
Marc van Zadelhoff, vice president of IBM echoed a similar theme saying enterprises need to streamline their myriad security systems – the average large customer has 85 tools from 35 vendors -- and treat security like “any other transformative problem they have.”
“Look at security as an integrated immune system rather than a random smorgasbord of capabilities. It’s a better metaphor than establishing a castle and a barricade,” van Zadelhoff said.
CIOs need to rethink their security and risk investments. Gartner recommends that enterprises move their investments from 90% prevention/10% detection and response, to a 60/40 split, added Sondergaard.
Gartner predicts that by 2017 the typical IT organization will spend up to 30% of its budget on risk, security and compliance, and will allocate 10% of their people to these security functions. That’s triple the levels of 2011.
That kind of spending is in the face of an ever-threatening landscape.
“Criminals are the leading users of the advanced technologies like cloud and mobile. They work with encrypted browsers, get bonuses from their employers if they succeed and are just incredibly organized,” said van Zadelhoff. “IT needs to learn how to out-collaborate the hackers.”
One of the ways to do that is share security information and that was one of the driving reasons IBM this year released 700TB of raw aggregated data and offers cloud-based access to volumes of IBM and third-party threat data from across the globe, including real-time indicators of live attacks, which can be used to defend against cybercrimes, the company said.
Check out these other hot stories: