By Graham Jones, UK Country Manager at Exclusive Networks UK
Data breaches create fear within organisations and as a result, everything about an organisation’s security strategy has always been focused on stopping breaches from happening. The inconvenient truth is that breaches continue to happen. In fact, data breaches are becoming frequent and increasing in severity, and therefore must accept that it is not a case of if a business will suffer a data breach, but simply when.
Breaches can be malicious or non-malicious but whatever the intent, any exposure or theft of business data, operational disruption or the ‘brand impact’ is extremely costly. As a result, organisations are finding it increasingly difficult to invest in preventative measures, and still continue to be challenged around the post-breach scenario. With the volume of attacks causing a big data problem, it is left to un-skilled employees to address the issues but still no one to clear up after the attack has taken place. Unfortunately, this is allowing response times to be too long and insufficient resources are delaying the appropriate remediation. It seems that little effort is left to complete a forensic study, or develop the regulatory/compliance reports, and managed mitigation is a fantasy.
This has been the impetus for Exclusive Networks and its partners in security technology to create a platform capable of addressing the post-breach issues businesses face following a successful cyber attack: CARM (Cyber Attack Remediation & Mitigation) adds reaction to your existing detection and protection topologies. By implementing a process of defence, identification, response and remediation, CARM downgrades successful attacks into known threats.
Combining the best of breed capabilities of numerous vendors such as LogRhythm, FireEye, Palo Alto Networks, Bit9, Imperva, Mandiant and Fortinet, CARM addresses the key issues facing CISOs; lack of visibility, volume of incidents, classification of incidents, time to detect, time to contain and ultimately the minimisation of the attack’s impact.
The real beauty of CARM is its flexibility to integrate even further with existing legacy vendor technology already deployed. Whether that’s firewalls, IPS, anti-malware etc., this means existing investments are not dead. CARM does not ‘rip and replace’ but instead leverages previous investments which were designed for prevention purposes, to deliver a post-breach solution, that includes:
- Quicker response, lower breach impact
- Better, more isolated breach fixes by virtue of its early warning system
- Easier, faster breach notification and forensics in spite of big data
- Fewer IT hours, no human error thanks to maximum automation
- Remediation learning eliminates repeat threats
- Significantly more cost effective than adopting multiple technologies through any other model
The changing face of the security landscape is increasing the need for post-breach security and this is happening at the same time as innovative security vendors are coming to market with highly capable post-breach solutions. The CARM initiative is Exclusive Networks’ way of making that process as easy for the market to adopt as possible.