As we focus on National Cyber Security Awareness Month, our October Deep Dive series on security continues this week with Rackspace Technical Strategy Director Doug Denny and Rackspace Managed Security Director of Operations Daniel Clayton.
This week, the two provide additional detail on the previous session and the evolving cyber threat landscape, how it affects enterprise security and what has to be done differently to defend against new, sophisticated threats.
The success of the evolving, active and persistent cyber threats we see today truly depend on how much time a threat actor has in an environment to fully execute the kill chain and cause catastrophic damage to critical systems and private data.
One of the strongest weapons Rackspace Managed Security has in its arsenal is the ability to remove time from this equation, done through the integration of people, process and leading technologies, allowing for the detection and remediation of threats faster than any competitor in the market today.
This week’s deep dive examines those capabilities and begins with Denny and Clayton discussing how security strategies are evolving, and why the proliferation of the Advanced Persistent Threat has prioritized detection and rapid response over prevention.
The two also discuss the history of Advanced Persistent Threats, which have evolved from mostly state actors to private groups of individuals who have the resources and manpower to persistently target a company or organization, 24/7, until they succeed.
This is a major reason why traditional security strategies have begun to fail, Clayton points out.
“Today’s threat landscape is evolving,” he says, “and the truth is, it’s evolved over the past few years to the extent that it’s forced us to change our strategy.”
Clayton also notes that all strategies fail eventually, and most security strategies in the past were focused on preventing fairly unsophisticated enemies from gaining access to an organization’s systems.
“The truth is now, you’re up against a person, someone who comes to work every day and spends seven or eight hours a day working to get into a cyber environment,” he says. “Sooner or later they find their way in, and that persistent approach has made the idea of prevention obsolete.”
Which is why, he and Denny both explain, detection and response have become a critical part of this new paradigm. Prevention is still important, and is certainly part of the puzzle, but the fact that bad guys are going to get into your environment must be accepted as reality today, and there must be an emphasis on response once it happens.
To find out more about how cyber security is changing and the ways Rackspace is helping businesses mitigate these threats, check out the video for the entire session, and stay tuned every Wednesday through October as the series covers additional topics related to cyber security.
Visit Rackspace to find out more about our managed security services and how they can help protect your business.