As organisations try to make sense of disparate tools, Security Information and Event Management (SIEM) systems, which gather, organise and display alerts from several products, have emerged. Unfortunately, this solution still requires an IT professional to go through data in search of a real danger, and that'slike trying to find a needle in a haystack.
This takes time and resources as many organisations become plagued with false positives and even worse, false negatives that result in IT professionals failing to notice the connection amidst all the noise.
Security Lacks Coordination
Finally, businesses face the challenge of inconsistent and uncoordinated security. This lack of consistency helps explain the failure of technology to adequately protect against coordinated attacks.
It is critical for security professionals to enforce policies consistently throughout an organisation. Yet the "a la carte" nature of today's security products makes this difficult. For example, if an organisation does not want users to visit file-sharing websites and simply blocks websites on the corporate firewall, users are still able to get around the block by bringing their laptops home. In another instance, a desktop manager sets policies for Windows endpoints in one product but the mobile specialist sets a separate policy for Android devices in another product, leading to inconsistency.
Products need to share a common management infrastructure: not just a console, but a shared set of policies to guarantee consistency across the organisation.
That's not enough, though. Today, a product that focuses on endpoint protection does not know what the encryption or network firewall product is doing. This results in malware and advanced threats slipping through the gaps, exploiting the lack of coordination.
The solution is for technologies to work together, communicating and collaborating across products to better identify and respond to threats.
To truly protect organisations against modern threats, all three of these issues have to be addressed. The next generation of security has to be comprehensive, simple and coordinated.