
Monitoring, measuring and secure design patterns the future of cybersecurity

02 Nov 2016

A rebirth in monitoring and measuring of security threats isn’t enough to guarantee companies are secure, says one security expert, who sees that gap driving a new movement in secure design patterns.

Ron Gula, Tenable Network Security co-founder and chairman of the board, says there has been a ‘rebirth’ in monitoring and detection of attackers, leveraging new technology, and in measuring risk via frameworks such as the NIST Cybersecurity Framework, or even compliance standards like PCI DSS.

“There are a lot more organisations and boards who want to know if they’re secure and if they have a gap, where it is and how they compare against their peers,” Gula says.

“I’m really happy with those two things,” the 20-year information security veteran says.

However, he adds: “You can do all that, but you will never be guaranteed that you’re secure.

“So there is a new movement in secure design patterns that leverage things like outsourcing, applications to the cloud, rewriting applications with containers and microservices, and repeatable use.”

Gula says risk frameworks should be used as a ruler, or lens, for organisations to evaluate their own internal defences and risks in a way that is vendor neutral and allows them to compare their controls against others in their industry.

He used the example of two security officers golfing.

“One is an IBM shop, one is a Symantec shop, one uses Microsoft laptops, one uses Apple laptops. They can’t speak the same language if they talk about the security controls for the vendors they bought, but if they speak in terms of the ASD or the NIST Cybersecurity Framework or even the ISO framework there is a lot of commonality and they can talk about the benefits there.”

Gula says the frameworks will also be critical for cyber-insurance.

“You can’t figure out if one company or organisation is more secure, or a bigger cyber-risk than another one, with vendor-specific ways of measuring it; there are too many vagaries.

“But doing it under the lens of the new cybersecurity framework or the ASD can give cyber insurance people a lot more opportunity to make a better judgment call on whether cyber insurance is a good deal or not.”

Gula says the frameworks also enable companies to quickly scope out where quick wins can be achieved.

“Whether you start with ASD or the NIST Cybersecurity Framework, every one of these controls in the framework is going to have a quick win and a long-term value.

“Once you do your assessment under that same sort of lens, looking at where your gaps are, as a business, your board, your executives, can make a decision about what is best for your organisation.

“And it shouldn’t be an overnight thing. It should be as they think about IT in general, what kind of services are they buying, what kind of commercial solutions, or open source solutions they need to have to monitor and enforce those kinds of policies.”

Channel side

Unsurprisingly, Gula says the role of the reseller is ‘really changing’ with resellers no longer just fulfilment agents, but also key advisors.

“The reseller is really an advisor, especially for the small market.

“If you’re not Fortune 200, you’re probably working with resellers as your trusted advisor. And you have a limited amount of cyber people inside an organisation. You have a limited number of vendors they can use. And when you do buy a vendor, whether Tenable or whoever, chances are you don’t use 100% of the features.

“A reseller can help a customer design, deploy and do health checks and make sure the latest features are being used.”
