Using Security Reports to Improve Your Information Security Practices
by Scott Hogg, on Feb 10, 2015 8:41:18 AM
Security was a big buzzword in 2014 thanks to a number of well-publicized and, in some cases, very damaging breaches. Hackers are getting smarter and more resourceful, and many IT departments are being overloaded with their attention divided in a million different ways. Yet, we have to be careful not to “throw the baby out with the bath water.” As absurd as that sounds, it’s pretty much the same thing as letting other priorities distract you from configuring and maintaining necessary security measures.
Fortunately, information security requires a relatively small investment – both in time and dollars – to configure granular policies and be vigilant. And although it takes a concerted effort to keep up all the new threats out there, there are a number of organizations that make this chore easier by gathering and analyzing data about attacks “in the wild” and making this information available to the rest of us via annual reports.
In a recent post on Network World, I share a number of these reports from industry leaders Cisco, Microsoft, Verizon, Akamai , Arbor Networks and Check Point; security services firms Solutionary (NTT), Trustwave and FireEye; and security research firms Securosis and Ponemon Institute.
One of the ways that hackers continue to grow stronger is through collaboration and information sharing. If organizations want to protect themselves, they will need to do the same. Sharing and consuming information about the security landscape will improve your ability to defend your organization from attacks.