Understanding ASI: Advanced Security Intelligence for business
Posted on 7 Nov 2012 at 17:46
ASI is an evolutionary response to revolutionary developments in global cyberterror and organised crime gangs. Davey Winder investigates.
Earlier this year the head of MI5, speaking publicly for the first time in two years, warned that UK businesses are battling astonishing levels of cyber-attack. Jonathan Evans called the attacks, from organised criminals and state-sponsored groups alike, a “threat to the integrity, confidentiality and availability of government information”. MI5 itself has been involved in trying to defend government targets against what he described as being an “industrial-scale process” involving thousands of people.
He was right then, and nothing has changed since to suggest that he isn’t right now. However, the threat is not only to government data and against government departments; businesses are at risk of exposure to the fallout from such attacks as well. A marketing manager for an IT security vendor might call this an evolution of the attack surface, or evolution of the threat space; it’s actually only a natural progression.
IT security has always been about defending against a mix of the old and new, the determined thief and the bedroom chancer, the master hacker and the script kiddie. What we see here are new threats being developed by the determined master hackers – threats that, once launched, detected and analysed, become distributed amongst the script kiddies and chancers alike. Although this sounds like a one-sided game, with the bad guys holding all the aces, the truth is that such evolutionary developments swing both ways.
While the National Security Strategy rates cyber-attacks up there with terrorist attacks for the threat they pose to critical national infrastructure, more money and resources will be thrown at defending against them at a national, state-sponsored level. This is good news for businesses of all sizes, as the drip-down effect will be a better understanding of how to protect commercial data, business networks and your own bottom line.
As the attack surface broadens and the attack types become increasingly sophisticated, so the need to ramp up conventional cyber-defences grows in importance. If you think of the traditional approach to mitigating IT risk as being “point security” – antivirus, intrusion prevention systems and firewall – the time has come to join the folk at MI5 in implementing Advanced Security Intelligence (ASI).
Advanced Security Intelligence
Think of ASI as taking a holistic, real-time view of all information sources being analysed in order to spot any anomaly, such as unusual user behaviour or oddities in network traffic. If you’ve been around IT security and network admin for a while you might recognise the basic description of security information and event management (SIEM) and log management tools – in fact, ASI has been referred to as next-generation SIEM (NGSIEM). IBM and McAfee are bolstering their SIEM tools with additional ASI capabilities.
But in the real world, what does this actually mean to your business? It means understanding that erecting a wall around your data is no longer enough. You need to be able to get a view on what’s happening behind, in front, above and below that wall; you need to know if the builders of that wall used cheap bricks; you need to be able to not only see the bigger picture, but analyse every pixel of it to spot the insecurity.