
Enterprise Security And The Elusive


Andre' Allen, CISO, City of Houston
Much has been said about achieving the “single pane of glass” for enterprise security that will enable one to peer into the multitude of activities (malicious or otherwise) happening in real time within today’s complex computer networks. Many security vendors proclaim loudly that their security products provide a “single pane of glass”: that is, a single dashboard display that will show you everything that is happening in your network and alert you to trends that indicate that you may have a security problem. But does the “single pane of glass” for enterprise security truly exist today or is it, in fact, elusive?
The ideal “single pane of glass” would consist of a scalable analytics platform that provides compliance, information security, and forensics and incident investigation support. This analytics platform would seamlessly integrate with existing network/security components that provide the following:
Data Loss Prevention (DLP), Intrusion Detection System (IDS)/Intrusion Prevention System (IPS), Firewalls, Switches/Routers, Web Application Filter (WAF), Identity and Access Management (IAM), End Point Security (including malware prevention), Deep Packet Inspection (DPI) and Forensics, Desktop and Server Logs, Governance, Risk and Compliance (GRC), Service Management, Vulnerability Scans, and a Configuration Management Database (CMDB).
The analytics platform would have intelligence technology built in at each interface, not only to collect data from each component but also to provide the analytics capability for Log & Event Analysis and Log & Event Correlation. The analytics platform would also have interfaces to Security Operating Center (SOC) and Network Operating Center (NOC) Dashboards, as well as to Situational Awareness and Threat Intelligence sources. Finally, it would provide a rich reporting capability and dynamic dashboards that present correlated data and comprehensive views.
Let’s return to the question raised at the outset: does the “single pane of glass” truly exist today or is it, in fact, elusive? I contend that the “single pane of glass” does not exist today and it is elusive. However, there is a lot of promise on the horizon. The competitive security tool market has generated much movement in this regard. Progress is being made towards achieving the “single pane of glass.”
Security tool vendors are becoming more aware of the need to (and are more willing to) leverage the Open API new technology. Open API new technology promotes the idea of different vendors establishing application programming interfaces that allow one product to seamlessly interface with another product, at the application layer, with minimum development and integration effort required. This affords the opportunity for the customer to leverage the best capabilities of differing vendor solutions without having to make what can sometimes be a large investment in software customization and integration testing. Based on my experience, I believe that it will be very difficult for a single security vendor solution to provide both the analytical and the automated processes needed to satisfy the visibility requirements of enterprise security. However, security vendors that adopt the Open API new technology concept will help the enterprise security community to go a long way towards achieving the elusive “single pane of glass.”
It is also recognized that many of the large enterprise security solution providers are attempting to achieve the “single pane of glass” without adopting the Open API new technology concept. They are attempting to achieve this through various mergers and acquisitions of smaller security tool vendors that offer additional functionality that did not exist in their current enterprise security tool suite. This trend would likely render the open application programming interfaces (which may have existed before the security tool vendor was acquired) proprietary. The current trend in security tool vendor acquisitions may result in some success in achieving the “single pane of glass.” However, it is the opinion of the author that this approach may limit the creativeness that generally comes with a “lean and mean,” focused small security tool vendor that is needed in the dynamic enterprise security environment that currently exists.
In conclusion, it appears that the “single pane of glass” for enterprise security does not exist today. However, I believe that a “multi-paned window” for enterprise security does exist. This “multi-paned window” is composed of multiple vendor solutions that adopt the Open API new technology. The collaboration of multiple vendors to achieve a common goal (to provide integrated capability and visibility for enterprise security objectives) has led to a window of opportunity. This creates an opportunity to analyze information from disparate sources and, to put it simply, make some sense out of it. The “multi-paned window” would potentially utilize the “single pane of glass” of a Governance, Risk and Compliance (GRC) tool, the “single pane of glass” of a Security Event and Incident Management (SEIM) tool, and the “single pane of glass” of an analytics platform, to form the “multi-paned window” for enterprise security. This “multi-paned window” would provide an integrated view of system events/processes and the resultant effect on established security policies, plans, and procedures. The “multi-paned window” is not a “single pane of glass” for enterprise security, but it is nonetheless a “window,” providing the much-needed visibility into the enterprise security space.
