By Justin R. Mitchell, Sr. Practice Consultant, Advanced Cyber Defense Practice
Being in the IT world, the years fly by at such a rate it all seems like a blur. Many of us in this field are tied to multiple large-scale projects that need to be completed before year-end. Well here we find ourselves in 2013 and the question is how serious are you and your company about IT security? Is your company aware of how complicated and serious the threats are today? Does your company have the proper stance to defend and alert against breaches across the multiple attack vectors? Most companies are behind both in practice and planning and there is a lot at stake.
Just a few years ago, companies were overconfident in internet firewalls and antivirus solutions protecting the internal network from the threats of the internet. This mentality of the past was just OK at best. Today we live in an Internet of Things (IOT) where everything is connected and these dated solutions only protect against “obvious,” otherwise simple threats. Attackers are making larger and larger efforts to evade and obfuscate detection, and cause significant damages such as physical harm, financial harm, and to unlock valuable IP data.
The fact of the matter is if your company has not been keeping up with the times, there is a lot of catching up to do; it is a daunting task. This undertaking becomes even more difficult for large companies that need to manage thousands of desktops and laptops. Threats exist on both the external and internal networks. The largest threats to companies occur on the internal network where malicious employees and compromised machines can wreak havoc; crippling machines, forming botnets, stealing identities, siphoning off valuable data, and the list goes on. Fortunately, there are companies specializing in products, services, and solutions to build out defenses as well as mission critical Security Operations Centers (SOC) to gain real-time visibility for proactive resolution.
Justin Mitchell is a Senior Practice Consultant for RSA’s Advanced Cyber Defense Practice serving the Americas. Justin has over 10 years of experience in IT, spanning architecture, security, incident response, and strategy.