At Rackspace::Solve London, Intelligence Manager Martin Lee mapped out the evolution of cybercrime and how hackers are finding new ways to exploit system and infrastructure weaknesses.
His session opened up the security conversation among delegates and the following groups emerged:
- A small number of delegates didn’t want to or have the capacity to understand the risks of cyber attack and lived by hope that they would not be targeted.
- Some delegates understood the potential impact of a cyber attack on their business but considered threats to be low risk and agreed to deal with issues on an ad-hoc basis.
- Others knew that a security breach would negatively impact their business. They have purchased multiple security technologies and tools to protect their infrastructure but are struggling to manage them due to lack of skills or available resources.
- The final group understood the risk and the consequences associated with a potential breach. They have chosen to proactively protect their critical infrastructure by subscribing to managed security services provided by Rackspace.
The reality is that many companies have not evaluated their risk exposure to a successful attack, the impact of that attack on downtime, data loss, reputation, or finances nor how they would mitigate, remediate or bounce back from that attack.
In the most newsworthy security breaches over the last 18 months, there was something missing from the companies’ security strategies. It wasn’t tools or products. They had those; however, the human component broke down – these companies did not have experienced personnel monitoring and tuning the tools. Before investing in technologies and products, companies need to make sure that they have the expertise to back them.
Businesses that do not want to build their own security team may consider investing in managed security solutions. Steven Van Wichelen of the Ecommerce Group, an Alert Logic customer who has been a Rackspace customer for 12 years, mentioned that working with a managed security partner like Alert Logic is like having 6,000 employees for a monthly fee. If going this route, it is important to find a partner that has years of experience with the “hard parts,” the people and the process.
All companies should go through the process of understanding and articulating their acceptance of risk of a security breach. This process will allow them to make calculated decisions regarding whether they have the right security technologies, and services to mitigate that risk and sleep easier.
WATCH: In other Solve presentations, the importance of security and the strong relationship between Rackspace and Alert Logic security experts were highlighted.
Security and Scalability in the Hybrid Cloud – How to Get One Without Losing the Other
Deploying and Scaling Ecommerce Apps with Rackspace DevOps Automation
Emerging Cyber Threats & Strategies for Defense in LATAM
In the Dallas area in late June? Visit Alert Logic at Rackspace Solve::Dallas, June 25, 2015.