Friday, October 26, 2012

The wire is the key

Disclaimer: These be the author's thoughts and ramblings, no other may claim ownership of them. They are not necessarily the thoughts, policies or mindset of the author's employer, management, or fellow slaves.

The wire is the key to enterprise security. Whoever owns the wire holds the keys to the kingdom. Make sure your network security department has the tools to "own the wire".

The majority of data leakages and breaches happen over the wire, and the wire is what we must maintain a laser focus on.

Sure, log correlation can yield valuable information in a post-breach scenario, but the real-time relevancy of the traffic on the wire far outweighs the patchy detail of server, workstation and device logs.

Think of the fox in the henhouse. Does the farmer want his first alert of trouble to be screaming hens getting slaughtered, or would he rather see the fox approaching across an open field and have time to prevent the slaughter?

This is why a system that monitors the traffic on the wire is an enterprise imperative. Such a system can be a hard sell to executives, as it may not be a regulatory requirement, or helpful to external auditors focused on logs and reports. But the seemingly high cost of such a system pales into insignificance alongside the financial and reputation costs of even a small data breach.

So enterprises should invest in network monitoring software which can show, alert on, and capture traffic on the wire. This allows the information security teams to identify, intercept and prevent breaches.

All information security teams prefer prevention of breaches, but are often limited by prior management funding and system acquisition decisions to post-breach analysis.

That's all for now

S. Russell Dyer BS CNE CISSP CRISC Security +






Location: Okemos Rd, Okemos, United States
