Understanding ASI: Advanced Security Intelligence for business
Posted on 7 Nov 2012 at 17:46
ASI is an evolutionary response to revolutionary developments in global cyberterror and organised crime gangs. Davey Winder investigates
Earlier this year the head of MI5, speaking publicly for the first time in two years, warned that UK businesses are battling astonishing levels of cyber-attack. Jonathan Evans called the attacks, from organised criminals and state-sponsored groups alike, a “threat to the integrity, confidentiality and availability of government information”. MI5 itself has been involved in trying to defend government targets against what he described as being an “industrial-scale process” involving thousands of people.
He was right then, and nothing has changed since to suggest that he isn’t right now. However, the threat is not only to government data and against government departments; businesses are at risk of exposure to the fallout from such attacks as well. A marketing manager for an IT security vendor might call this an evolution of the attack surface, or evolution of the threat space; it’s actually only natural progression.
IT security has always been about defending against a mix of the old and new
IT security has always been about defending against a mix of the old and new, the determined thief and the bedroom chancer, the master hacker and the script kiddie. What we see here are new threats being developed by the determined master hackers – threats that once launched, detected and analysed become distributed amongst the script kiddies and chancers alike. Although this sounds like a one-sided game, with the bad guys holding all the aces, the truth is that such evolutionary developments swing both ways.
While the National Security Strategy rates cyber-attacks up there with terrorist attacks for the threat it poses to critical national infrastructure, more money and resources will be thrown at defending against it at a national, state-sponsored level. This is good news for businesses of all sizes, as the drip-down effect will be a better understanding of how to protect commercial data, business networks and your own bottom line.
As the attack surface broadens and the attack types become increasingly sophisticated, so the need to ramp up conventional cyber-defences grows in importance. If you think of the traditional approach to mitigating IT risk as being “point security” – antivirus, intrusion prevention systems and firewall – the time has come to join the folk at MI5 in implementing Advanced Security Intelligence (ASI).
Advanced Security Intelligence
Think of ASI as taking a holistic, real-time view of all information sources being analysed in order to spot any anomaly, such as unusual user behaviour or oddities in network traffic. If you’ve been around IT security and network admin for a while you might recognise the basic description of security information and event management (SIEM) and log management tools – in fact, ASI has been referred to as next-generation SIEM (NGSIEM). IBM and McAfee are bolstering their SIEM tools with additional ASI capabilities.
But in the real world, what does this actually mean to your business? It means understanding that erecting a wall around your data is no longer enough. You need to be able to get a view on what’s happening behind, in front, above and below that wall; you need to know if the builders of that wall used cheap bricks; you need to be able to not only see the bigger picture, but analyse every pixel of it to spot the insecurity.
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on firstname.lastname@example.org
- Sony warns of massive loss on smartphones
- Dropbox app doesn't work properly with iOS 8
- Dark clouds for Adobe as profits slide by 46%
- Windows 9 Technical Preview launch date revealed
- New Windows 9 videos show off multi-desktops and notification centre
- Chromebook owners get access to Android apps
- SanDisk lets you pop half-terabyte card in your camera
- Windows 9 video shows new Start menu
- Microsoft killing Nokia and Windows Phone brands
- OneDrive promises faster sync and 10GB file uploads
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- Apple Watch, iPhone 6 and 6 Plus: Tim Cook's Apple back with a bang?
- BT Home Hub 5: how to get maximum speed
- 20 years of PC Pro: one-star reviews (including "the worst tablet we've ever seen")
- 20 years of PC Pro: our best covers
- Why we've closed the PC Pro forums
- How to write your company's IT security policy
- The key to choosing a secure password
- Please stop reposting fake Facebook messages
- Is Facebook safe for business?
- Don't rely on Chrome's password vault
- Facebook Graph Search: don't panic
- Gmail drafts and Pastebin: could they evade the email snoops?
- Applying for a job at GCHQ? Here's your plain-text password
- Google two-step verification: a must for business email
- Yes, I write down my passwords