Additional processes that must be expressed as security policies are related to logging and alarms. In the event of an intrusion or even an attempted intrusion, logging leaves a trail of digital breadcrumbs that leads back to the perpetrator, while alarms should be configured to trigger a warning when processes are accessed or modified in an unexpected manner.
Architectural security refers to the way in which all of the security policies in an organization work together; it’s only as strong as the weakest link. This is particularly true—and can be painful—in multivendor environments or, as is the case with telcos, environments that run multiple legacy systems.
Luckily, unified solutions as well as overlays exist on the market. IBM has developed an information-security architecture platform within its line of System z products that secures the entire architecture with cryptographic coprocessors and accelerators (to reduce latency associated with wholesale encryption) that are individually specialized to address various needs.
The lack of next-generation internal security policies, ones that are dynamic and reflect the latest methods used by cybercriminals, can greatly weaken architectural security. For instance, a company could have strong data, process and physical security but may not require employees to regularly update virus protections on devices used both inside and outside the office. Many hacks are perpetrated by spoofing the identities of authenticated users, so companies that haven’t launched educational programs for their employees that relay the dangers of social engineering are at risk.
As we move into the future, CSPs must assume that everything that can be hacked will be hacked, and that there’s no such thing as a small attack—just like in blackjack, a company should bet on the dealer’s hidden card being a 10. The recent intrusion that exposed the data of 38 million Adobe customers was launched by a simple ColdFusion exploit many months prior to the data breach. As attacks become more and more sophisticated, this type of attack will be the norm.
An old adage can easily be applied to the issue of cybersecurity: you can’t choose how much pain you’ll experience in life, but you can choose how much you’ll allow yourself to suffer. By addressing all four pillars of the security platform, CSPs can prevent the pain of hacking, however unavoidable, from becoming chronic suffering.