Combating Cybercrime with the Hidden Trail
Just thinking about how to provide adequate security can seem overwhelming to a small business. But your business already has the information you need to detect breaches in a timely manner and to cost effectively address regulatory requirements. Every second of the day, your servers, laptops, applications, network infrastructure, and security devices leave a trail of activity behind in the form of logs. Everything from a login or logout to a badge swipe or file access is tracked in this hidden trail. Bring this information together and you have a powerful and cost-effective means to detect threats and protect your business.
Tips On How to Maximise Your Security Budget:
- Improve efficiency—consider approaches to security that require less hardware and effectively support consolidation and green initiatives.
- Manage clear visibility on the network—knowing where your internal/external threats and policy violations exist will eliminate or reduce the extraneous costs of a data breach, fraud, or cybercrime.
- Avoid the 'one size fits all' solutions—look for multiple performance options and scalability to adapt to evolving security and compliance regulations.
- Understand the impact of automation—reserve limited and valuable IT resources for more strategic tasks.
- Integrate security as part of the business—leverage security solutions in more strategic ways by offer a clear path to ROI and productivity gains.
For organisations of any size, there's no doubt that battling cybercrime and meeting regulatory compliance will be a top business issue in 2009. However, given the state of security in today's economy, it will be important to measure the cost-comparisons between technology and IT resources used versus the costs associated with a data breach or cybercrime attack.
Ansh Patnaik is the director of product marketing at ArcSight. He is an ISSA and ISACA member and maintains the CISSP certification. Ansh has worked in the security space for over 10 years with companies such as BindView/Symantec and Omniva Policy Systems.