Towards real-time security

I’ve commented many times that cyber security management today is far too slow. It’s the result of many factors: the treacle of standards and compliance; the need to gain business case approval for security investments; the influence of quality management concepts that promote long-term process improvement at the expense of short-term action.

This situation will not be changed by security managers. They are under mounting pressure to demonstrate compliance with established standards. Nor will it be fixed by security institutes, who tend to have a substantial investment in traditional practices. The reality is that it will only be fixed through the emergence of disruptive technologies that deliver a step change in the speed of incident detection and response.

Fortunately we are now seeing faster security services emerge, as vendors embrace the Cloud and explore the potential for managing big data. I’ve long been a fan of Qualys and their innovative products which transformed vulnerability assessment from an expensive, infrequent exercise to a fast, frequent and universally-available process.

A few weeks ago I was fortunate to get a briefing from Sourcefire on their latest technology (announced last week) and I was very pleased to see that their new products enable much faster and more reliable malware detection, transforming the detection process from a once-off perimeter check to an internal, always-on process.  

It’s the type of breakthrough we need to see more often. Security managers cannot counter emerging threats through people and processes. We also need real-time, pervasive protection through vigilant technology.
