Many enterprise organizations will shift to a posture that sees them operate under the assumption that they have already suffered a computer security breach and cloud computing will be a factor in that approach, two cybersecurity executives from Microsoft have told ExecutiveBiz.
Scott Price, general manager of the software giant’s national security group, identified that shift in assumption as a “cultural trend” in a recent conversation with ExecutiveBiz and said companies will move to a model of continuous detection and containment in order to stay ahead of potential threats.
“As companies continue to get hurt in this environment due the relentless attacks, decision-makers are going to consider whether they are still equipped to completely take care of their enterprise or they want to turn to cloud for a secure experience,” Price said.
The Department of Homeland Security is one federal agency that is in the process of adopting a continuous detection and monitoring approach for its cyber defenses and other agencies will include that method in their information technology budget priorities, a Deltek analysis says.
Cloud computing and big data are among the other drivers in the federal cloud market according to Deltek, which projects that market to grow 5.2 percent by fiscal year 2019.
ExecutiveBiz also spoke to Pat Arnold, a managing architect for cyber at Microsoft, who discussed how government agencies and companies have organized their priorities on how to safeguard information, a process Arnold says also looks at which platform an enterprise should choose to monitor potential cyber events.
“It is important to make sense out of the rich event-driven information and to provide a rich correlation of that data,” Arnold said.
Uniform standards for industry on cyber threat detection are still in the works and will be an emerging area for agencies and their contractors to watch in future years, Arnold says.
“Whether it means labels on information or control of emerging technologies, at the end of the day checking out how we can share information in a safe yet open environment will guide the industry in some of the areas,” he added.
Interconnectivity of technologies ranging from personal devices to home appliances has also driven change in how industry approaches cyber defense to handle “more sophisticated and very well-organized” adversaries, Price said.
According to Price, people and organizations that want to cause disruption in cyberspace use much of the same program management methods companies use to protect their systems.
“Taking those two things and throwing in the hygiene notion of corporations and individuals of not remaining current and vigilant due to the precept that intrusions will not happen to them, we start to have fertile grounds for the intruder to get into our networks,” Price said.
In response to an increase in intrusion attempts worldwide, Microsoft has started a digital crimes unit that collaborates with law enforcement organizations to take down programs that infect computers and cause them to work in concert to spread spam or conduct hacks, known as “botnets.”
“From a technology hosting Internet domain perspective, we can sever the head of the beast,” Arnold said.
Arnold called that effort part of the new kinds of conversations governments have had over what legal instruments, legislation and policies they can adopt in order to combat potential cyber threats.
CEOs, other high-level corporate executives and boards of directors should also involve themselves in conversations over how enterprises should manage cyber defense and information security, according to Arnold.
That conversation is still an infrequent one in much of the business world, according to a study released by Raytheon and the Ponemon Institute in February that says more than three-quarters of corporate boardrooms do not know their own companies’ strategies against cyber attacks.
Such a conversation around security also takes place with Microsoft’s federal customers when they look to acquire cloud computing tools, a two-part process Price described as involving an inventory evaluation of what pieces the company sees as candidates for a migration and those that it believes should get high-level security.
“We often find that the federal and corporate enterprises can have a hodgepodge of all the new systems and others that are not current but provide exposure to the client,” Price said.
“The cloud basically provides the client with a single environment that is current, controlled, maintained and hardened.”