Context was one of the most common themes discussed at events within Asia Pacific this year, including the Gartner Security & Risk Management Summit, GovWare and RSA. As information security professionals increasingly face the challenge of protecting data on devices and systems not owned or controlled by the company, context provides the solution. Indeed, to gauge the impact and significance of a security event, it is vital that organisations understand the context of the event and have the necessary data readily available to analyse the threat.
Context-aware security is about making use of additional situational information to improve security decisions at the time the decision is made. By doing this, it ensures that more accurate and effective information security decisions are taken to provide better protection against advanced threats.
In one of the sessions at a recent Gartner event, analyst Neil MacDonald highlighted a perfect example of this context and data requirement. A bank receives an online banking request from a regular customer to transfer money from one account to another. The customer has logged onto the online banking site and has correctly used her password and credentials - all would seem right with the world.
However, what if the bank was able to determine that their online customer is using a different computer from normal? Take for instance this scenario: she is accessing the online banking site during what would be the small hours in the country where she lives; and indeed it appears the computer she is using is located several thousand miles away from where she carried out her last online transaction, just a few hours ago.
With the new context and data now available to the bank, the whole picture has shifted from an apparently innocent transaction to one that is most likely fraudulent. As such, the bank now has the context and information to block the transaction until more information can be sought.
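The bank scenario above can be expressed as a small decision function. This is an added example, not code from the article or from Gartner; the thresholds (small hours as 01:00 to 05:00 home time, 900 km/h as the fastest plausible travel speed), the signal names and the sample events are constructed assumptions.

```python
import math
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

MAX_KMH = 900.0            # assumption: roughly airliner cruising speed
SMALL_HOURS = range(1, 5)  # assumption: 01:00-04:59 in the customer's home time

@dataclass
class Event:
    device_id: str
    when: datetime  # timezone-aware, UTC
    lat: float
    lon: float

def km_between(a, b):
    """Great-circle (haversine) distance between two events, in km."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlon = math.radians(b.lon - a.lon)
    h = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def assess(request, last, known_devices, home_utc_offset_hours):
    """Return (decision, signals) for a request whose credentials already checked out."""
    signals = []
    if request.device_id not in known_devices:
        signals.append("unfamiliar_device")
    local = request.when + timedelta(hours=home_utc_offset_hours)
    if local.hour in SMALL_HOURS:
        signals.append("small_hours_at_home")
    hours = (request.when - last.when).total_seconds() / 3600
    dist = km_between(last, request)
    # Ignore short hops (geolocation noise); flag travel no customer could make.
    if dist > 100 and (hours <= 0 or dist / hours > MAX_KMH):
        signals.append("impossible_travel")
    # One signal: ask for more proof. Several: hold the transfer, as the bank does above.
    decision = "allow" if not signals else "step_up" if len(signals) == 1 else "hold"
    return decision, signals

# Constructed sample data: a customer based in Singapore (UTC+8).
UTC = timezone.utc
KNOWN = {"laptop-1"}
LAST = Event("laptop-1", datetime(2014, 1, 10, 14, 0, tzinfo=UTC), 1.35, 103.82)
SUSPECT = Event("unknown-7", datetime(2014, 1, 10, 19, 0, tzinfo=UTC), 51.50, -0.13)
ROUTINE = Event("laptop-1", datetime(2014, 1, 11, 2, 0, tzinfo=UTC), 1.35, 103.82)

if __name__ == "__main__":
    print(assess(SUSPECT, LAST, KNOWN, 8))
    print(assess(ROUTINE, LAST, KNOWN, 8))
```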
It seems simple, yet a surprising number of businesses still purchase tactical static security solutions to solve a problem at a point in time. Without thinking of the dynamic nature of the environment or threat, these tactical purchases are rendered useless over time.
With Gartner forecasting IT spending across Asia Pacific to grow 5.5 per cent in 2014, there is clearly a need for today's IT organisations to deploy a dynamic approach in defending the network. This refers to a tactic that uses awareness and automation to provide visibility and context, while constantly adapting to new threats, new vulnerabilities and everyday network changes.
When it comes to IT security, context-awareness is critical to staying ahead of the bad guys. The rate of change in today's IT environments, taking into account the number of devices, users, applications and systems that connect to our infrastructure every day, is unprecedented. In addition, sophisticated cyber attacks are on the rise. Old security solutions are typically blind to changing conditions and new attacks. As organisations can't protect what they can't see, these traditional security solutions fall short of providing the protection and visibility needed.