Data breaches and system takedowns due to hacking and malware are on the rise. Many of the world’s largest organisations have been hit, often to devastating effect. The growing value of data inside organisations’ networks means more sophisticated, targeted attacks are also increasing. Governments are responding by tightening regulations and introducing significant financial penalties for non-compliance.
As trends like the Internet of Things take greater hold, the need for effective security will become even more pressing. The tentacles of our networks will multiply in the cloud to connect ever more systems and devices, controlling countless critical functions from business logistics to real-time traffic management to health monitoring – all with increasing levels of automation.
To gain effective control over network security and assure compliance in this emerging landscape, organisations know they need simpler, centralised oversight and control of everything that’s happening across their networks and systems. They need intelligent algorithms and machine learning that continually monitor and make sense of network activity for anomalies, with procedures to contain any threat as soon as it’s detected. It is also essential to have effective access and authentication controls for the plethora of people, systems, controllers and devices that will be communicating with their systems.
The IT industry is responding with all manner of solutions and services for orchestrating your security policy and automating its implementation. Virtualisation of the network control plane with technologies such as SD-WAN and NFV offers the possibility of being able to provision and make changes to network security configurations entirely through a cloud-based portal, for example. And the fully software-defined environments of the future hold out the tantalising promise of ultimately being able to apply any changes to security policy across the entirety of a network instantly, and enforce them automatically.
While simplifying security management is everyone’s goal, getting there isn’t so simple. The market for next-generation security is still at an early stage of development, so it’s particularly important retain flexibility and not to lock yourself into proprietary systems that may quickly become obsolete. You need an honest appraisal of where you are today, and a clear view of where you want to get to. Frameworks like NIST and COBIT provide a good starting point, but it may make sense to work with independent partners who understand the nuances of the market and have helped other large customers implement effective, future-proof policies and solutions.
If you’re interested in reading more about BT’s Security services, check out our pages on Security and risk management.