By
Lionel Snell
Editor, NetEvents
There used to be a simple formula for a security debate: hit them with a round up of the year’s worst horror stories – the latest hacks, viruses and how much they cost business – then introduce the latest most sophisticated technology solutions, designed put all that into the past.
The recent NetEvents EMEA Press Spotlight Round Table discussion – The Security Professional’s Best Friend: Artificial Intelligence – added greater intelligence to the mix. It was a combination of Artificial Intelligence (AI) and human intelligence – in the form of greater realism, more recognition of the limits to what is possible.
Ovum Principle Analyst, Rik Turner, discussed the challenges, the changes and the tech responses. In the 1990s, he explained, everyone was talking about prevention: “preventing the bad guys getting in, preventing malware from penetrating their networks. Their infrastructure could be safe. They could prevent all of those bad things from happening.”
Instead, over the last two decades, we have moved towards a new stance. The vast majority of vendors and practitioners now admit that the best we can do at the moment is to detect and mitigate: “detect once someone’s in, move to mitigate as quickly as possible, potentially do some damage limitation, do some quarantining so they can’t run amok within your infrastructure, and then subsequently to remediate, clean them up, get them out, and start again. Until the next breach”. That, he suggested, is really a defeat for the cyber-security industry. “It reminds me a little bit of the people defending the city of Constantinople when it was still capital of the Byzantine Empire… gradually the siege made it through the first outer walls, and drove them into the inner walls, until eventually they breached the whole thing. Notice that we use the term breach. We’ve adopted it from the world of siege warfare.”…Click here to read full article.
