Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Q&A with Sharat Sinha: Don’t trust, always verify

Zafar Anjum | Nov. 27, 2013
The best way to approach security is to shift away from ‘trust but verify’ to ‘don’t trust, always verify’, says Sharat Sinha, Vice President APAC, of Palo Alto Networks.

How can local businesses change their strategy to cope with the new threats?

  • A new way to practice security is to safely enable business relevant applications rather than establishing security as an afterthought: We enable organisations to take a proactive approach. For example, by bridging the communication gap between business needs and security staff with security policies designed so that security can be part of the business enablement process.
  • Adopt a security platform that is more adapted to (1) today's use of the Internet and (2) modern cyber threats - Palo Alto Networks uses an unconventional approach, from the ground-up approach to build a new and innovative security platform
    • Details: Flip upside down the traditional approach to network security: from "Let all traffic in, then detect what's malicious" to "specify which applications can be authorised on our network to support our business, safely enable them, and block everything else, including known and unknown threats."
  • A platform approach: With a platform that natively brings all security functions together and eliminates siloes, Palo Alto Networks empower security teams to focus on what matters and gain full control over the state of their network security - security teams become more efficient.
    • Details: by identifying and controlling all network traffic, security staff can eliminate unnecessary traffic and immediately reduce the scope of the security challenge. They can then focus their efforts on what really matters: investigating suspicious traffic. By being able to inspect all suspicious traffic all the time, regardless of end-point/device, user location, source and destination, Palo Alto Networks can rapidly stop more sophisticated threats such as APTs that might stay dormant for months.

What can governments do to help organisations become more secure?

  • Governments need security infrastructures that have the capability to safely enable the applications being used in their environment and for citizen services to protect their own infrastructure. At the same time, they should have recommended infrastructure security requirements for enterprises as in a targeted and coordinated APT attack, one breach can lead to another, impacting the IT infrastructure of the country. An infrastructure for safely enabling applications in both government and enterprises allow countries to leverage IT to improve productivity. It requires the capability to detect, prevent and remediate a security problem, in case of a breach.

 

Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.