Implementing a new security management plan

Implementing a new security management plan

Date: Jul 28, 2014

In this webinar, Henry Svendblad expands on his discussion in part three of this three-part video series on the new IT landscape and his call for a new security paradigm. Svendblad offers practical guidelines here for implementing pervasive protection, a security management plan needed to support the new IT landscape.

So how do you implement a new strategy? Svendblad says it is important to recognize that there is no perimeter that you are trying to protect. In a fully connected world, networks do not have borders. Protection must be multilayered within the firewall, devices and applications. Network managers must always be leveraging a centralized policy.

The enterprise LAN should be treated as a wild environment with special attention being paid to taking care of re-trenching applications to the data center and centralizing them. You should use multifactor authentication to access an application. Requiring a thumbprint or a retinal scan along with having passwords is a great way to add more layers of security.

Digital denial-of-service protection is worth the investment, says Svendblad. It is important not just so that you have protection within your enterprise, but also so you have a service provider to help when there is an attack. With the help of a service provider, you can keep attacks away from your data center because the service provider will handle it.

Check out the other two parts of this series

Read more about how the IT security landscape has changed in the last 20 years

Find out why pervasive protection so important

Before you come up with your plan, Svendblad says you should create a risk profile for your company. When doing this, focus specifically in "return on risk," which is how much risk you can tolerate. Assess the risk trade-offs of new technologies and initiatives such as cloud, mobility, big data and unified communications to see how much impact they will have on your current state of vulnerability.

From a practical point of view, it makes more sense to prevent an attack than to deal with an attack. Svendblad emphasizes the need for organizations to become proactive. Don't just react to an attack, he advises; instead, focus on the forensic capabilities with intrusion detection and protection technologies to avoid the attack all together. Figure out where you are vulnerable right now with external services. Launch a specific initiative that takes the end-to-end view of security and risk management, identify areas of conflict and ambiguity and focus your plan on those key areas.

Watch the video for guidance on how to implement a pervasive-protection security program for your enterprise.

More on Network Security Best Practices and Products

  • canderson

    Regulatory pressure accompanies changing IT landscape

    VIDEO - The new IT landscape is more virtual, distributed and increasingly mobile. It's more interconnected with applications talking to each other. Threats are evolving and so is regulatory pressure. All of this creates security compliance challenges.
  • canderson

    Pervasive protection is the new security paradigm

    VIDEO - Pervasive protection encompasses risk management, forensics, identity authentication and risk management to provide a centralized approach to security management that protects your enterprise network in a modern IT landscape.
  • canderson

    How to find the next-gen firewall your network security needs

    VIDEO - Odds are your network needs an NGFW, but first you need to know what it does, where it fits and what questions to ask vendors.
  • firewall

    Definition - A firewall is a network security system, either hardware or software based, that controls incoming and outgoing network traffic based on a set of rules.
  • Information security services under siege

    Opinion - Security professionals are disillusioned and desperate for some progress in the uphill battle against attackers. Is the security industry up for the task?
  • Fortinet, SonicWall release new enterprise firewalls

    News - New enterprise firewalls from Fortinet and SonicWall offer carrier-class speeds and feeds at a nice price.

    ( Oct 30, 2014 )

  • IBM not in financial crisis

    News - SN blogs: This week, one analyst discusses the importance of incident detection and response; another speculates on the benefits of SDN and DevOps.

    ( Oct 24, 2014 )

  • Does NCSAM really matter anymore?

    Opinion - National Cyber Security Awareness month has been around for 11 years, but more talk -- and action -- is needed to achieve real goals.

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: