In light of the news that more than one billion Yahoo user accounts have been affected in a hacking attack, data breaches have become one of the chief concerns for companies across the globe. According to the annual Cost of a Data Breach Study carried out by IBM, the average consolidated total cost amounts to £2.53 million. So what can companies do to protect both their on-premises software as well as their applications in the cloud? This is where Adaptive Security Architecture enters the frame, helping to shift businesses from the mindset of incident response to a tougher, continuous response mindset.
Companies need to adopt the approach that cyber-attacks are sophisticated and unforgiving with hackers having the ability to continuously target their systems. It’s not good enough to have just one perimeter safeguard, they need comprehensive multilayer protection with Adaptive Security Architecture mitigating against security breaches by continuously tracking existing and potential security threats. The architecture provides a balanced approach, ensuring that companies include security as a component of their end-to-end business processes.
One of Gartner’s Top Strategic Technology Trends for 2017, there are four key areas of Adaptive Security Architecture – Preventive, Detective, Retrospective and Predictive. Preventive capabilities are the preventive policies, products and processes that are put in place to prevent a cyber-attack. They reduce the surface area for the attack by blocking them and their attack methods before they impact the company. If an attack evades the preventive category, then Detective capabilities will reduce the potential damage they might cause. With Retrospective capabilities, companies will be advised on what to do after attacks have happened and receive recommendations and preventive measures to avoid incidents in the future. Predictive capabilities are about anticipation – where the security team externally monitor hacker activities in order to anticipate and have the upper hand on new attacks against current systems.
In simple terms, Adaptive Security Architecture is about continuous monitoring and analytics and is a very useful framework to help any business. The security process should be continuous and take a balanced approach, with any monitoring and visibility being analysed for any indications of compromise. It’s also why you should turn to a technology partner like Inspired who can provide security capabilities in multiple categories. With many companies going down the prevention-only strategy – isn’t it about time you shifted your mindset?