Security Roundup: Insight Engines, Optiv, K-12 Cybercrime, Darktrace
… network that we don’t even care about anymore and it doesn’t even exist anymore?” Wernick said.
“Getting through that requires a lot of patience and dedication,” he added. “One thing we’re seeing quite a bit of is people [saying], ‘Look, we’ll deal with that stuff later, put it in really cheap storage, take it out of the expensive storage like Splunk and put it in Amazon Glacier or go put it on some hard disk somewhere,’” he said. “It doesn’t really fix the problem; it just prolongs it for another day.”
Change is tough, but in this case, there are many incentives to initiate this process, Wernick said.
“The old world has a lot of vulnerabilities because it was designed at a time when security was not at the forefront,” he said. “The new world as we’re going into this cloud era is designed with security in mind and you’re starting to see a situation where there’s necessity for greater transparency across the organization. People start doing security by design, and what I mean by that is … all sides of the house are talking to each other. The cloud is more secure by design if that communication loop is open. So the incentive to move to the cloud is great. It’s actually going to be costing you less and it’s going to end up helping you a lot.”
Having large data centers and older software is expensive, while moving to cloud environments, if done well, is cheaper, Wernick said.
“It all goes back to the transparency of the departments, speaking a common language and being able to say, ‘Look, security is by design in our organization, by design in the software that we build, by design in the way we communicate HR policies we pump out, by design in how we educate the teams, and especially around money, so the finance side of the house is educated on phishing attacks,’” he said. “So the CFO knows why the CSO is doing something.”
As for the cybersecurity industry, Wernick expects to see a lot of consolidation in the months and years ahead because “people are getting a lot wiser about these products that basically do the same thing,” he said.
“The next thing I would like to see is people talking about solving problems, not talking about pitching, like we have really cool AI,” he said.
RSA Poll: Many Respondents Unsure About Attack Response Preparedness
Optiv conducted a lightning poll on the RSA show floor last week, and the results were somewhat troubling.
This is especially the case as the conference theoretically attracts the “cream of the crop” of the cybersecurity world, according to Optiv.
Among the 137 respondents:
- More than one-third are unsure if their businesses are prepared to respond to an attack.
- Almost half said cybersecurity risk is not fully integrated with the enterprise business risk function within their organizations; in other words, the risk of breaches and compliance violations is still not viewed as a top-tier business risk by business execs in these organizations.
- Almost one in three (31 percent) respondents said their cybersecurity programs were only targeted at achieving regulatory compliance, rather than holistic security and risk reduction. For example, these companies focus on achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA) and other regulations, while deemphasizing all non-compliance-related data and systems.
Brian Golumbeck, Optiv’s executive director of risk and compliance advisory services, tells us the results point to …