6 IT Security Innovations to Keep You Ahead of Attackers
Hardly a day goes by without a new security threat emerging. Traditional security tools aren't always up to the task of keeping sensitive business information in safe hands. These six innovations will help you stay a step ahead.
Tue, March 26, 2013
CIO — Security threats abound in the enterprise. Today's IT security professionals must worry about malware, spyware, hackers, DDoS attacks, hijacked USB drives, spies, cyberwar and other vulnerabilities too numerous to mention.
Fortunately, technological innovations are emerging to help block these types of attacks. Companies such as Seclore, for example, offer services that are designed not just to protect the delivery of documents outside an organization but also to control how long someone has access to those docs. With new kill-chain tactics, meanwhile, a start-up such as CrowdStrike says it can not just determine the nature of a new attack but also develop a profile of the attacker.
These innovations, along with four others described below, might be the answer to a common dilemma: relying too long on the standard security techniques that a large company installed long ago.
Seclore: Controlling When, How Information Can Be Accessed
Security inside an organization is one thing. Protecting documents and files in the perimeter that's outside the firewall is a greater challenge. Enter information rights management, also known as enterprise rights management; this typically uses encryption, rights policies, full auditing and other security tools to protect sensitive information. IRM tools such as Seclore protect "who, what and when" policies for documents. One critical Seclore feature: IT can also control how long a document is in the hands of someone outside the company. Daimler, Panasonic and Fugro use the service.
TaaSERA: Analyzing Communication Patterns of Malware
It takes more than a clever product name to block malware attacks. TaaSERA does have a clever name—it means Trust as a Service—but the inner workings of the detection engine should appeal to CSOs everywhere. The analyzer performs what you might call "zero minute" detection; it looks for trace signs of a new malware agent, such as the tell-tale signs of infection. The service goes beyond the signature-based security tools that block known viruses, though, using a "correlated sequence of inbound exploits, binary downloads, command and control communication and outbound scans" to diagnose malware attacks.
CrowdStrike: Introducing Kill-Chain Tactics
In any war, it's important to know your enemy. While CrowdStrike remains in private beta and will debut this fall, the cloud provider uses a novel approach. The idea is to go on the offensive: The firm's technology analyzes the attacker and develops a model based on what an attacker is trying to do and the tools it is using. This tactic, known as a kill-chain, helps a company strategize about and defend against a known attacker. It can also turn the tables on an attacker by first pinpointing its identity and intent and then "creating doubt and confusion" that ties up resources and denies it access to the information it wants.