“Anonymous hacks Department of Justice, leaks 1.7GB of data”
“Security Breaches Shake Confidence in Credit-Card Safety”
“Britain’s Serious Organized Crime Agency website hit by cyber- attack”
“Survey by Ponemon Institute reveals that information theft continues to represent the highest external cost. On an annualized basis, information theft accounts for 40% of total external costs.”
Gloom in the headlines and statistics that don’t shock us anymore – representative of a world that we all have to live in, organizations have to operate in, and economies have to flourish in.
Cyber criminals are deploying deadlier cyber weapons at a brisk pace and designing malicious software for a spectrum of devices. It’s no surprise then that, a recessionary environment coupled with a competitive market and demanding customers, is making most enterprises feel a heightened sense of insecurity.
The need of the hour is to raise protection levels against cyber-crime with visibility across all aspects of security operations. Deploying a comprehensive security solution that properly assesses and mitigates security risks, monitors and responds to persistent attacks from the outside or inside, and safeguards what the organization values, will go a long way in achieving your enterprise security goals.
The motivation for change is clear. So, what next? How does one define, design, and deploy a comprehensive security solution? How much security is enough?
In an environment where organizations spend millions of dollars on deploying a combination of security solutions from different vendors that create complexity and system overhead, such questions need to be answered. We at Unisys believe that a security posture based on the following 7 security principles is a good place to start:
Such an approach helped Spain’s Ministerio de Empleo y Seguridad Social (government agency) develop the solution it needed to monitor the status of key security vectors in real time across data centers separated by several kilometers. The new capabilities ensure that only trusted, credentialed individuals are able to gain access to these facilities, monitor activity inside the data centers, and enable subsequent audit processes.
They now know that anything less, will not do.