As a security professional, you’re confident that your home and family are well-protected. All the doors and windows have locks. Alarms will blare if glass shatters or if there’s unexpected movement when you’re out. Lights illuminate the dark corners of the yard. You can monitor who’s at the door—and anywhere inside or out—from a mobile app.
But your kid forgot to close the garage door when he left for school this morning.
That’s no different than many enterprises. IT works diligently to protect the business and high-value data. Yet employees and contractors – trusted insiders – often pose the biggest threat, and criminals have sophisticated ways to pass right through the gaps in your IT infrastructure.
What’s on Your Network?
Knowing what’s happening on your network has always been a challenge and getting that visibility is getting even harder. Mobile, BYOD and the explosion of IoT open up many more ways for threats to evade your defenses. IT teams are running lean, with a painful shortage of cybersecurity professionals—and a highly distributed enterprise to protect.
To better understand the IT security gap, Ponemon Institute partnered with Aruba, a Hewlett Packard Enterprise company to survey 3,866 IT and IT security practitioners in Asia-Pacific, EMEA and North America.
It’s probably no surprise that 70% of survey respondents said the goal is to find attacks before they do damage, and 71% want to reduce investigation time and effort.
Do You Have a Network Gatekeeper?
The Ponemon survey revealed that compromised legitimate users are considered the greatest risk. Better visibility into the network is a critical factor in detecting attacks from the inside. In the study, 63% of respondents highlighted the importance of visibility into network traffic to detect attacks.
More than half said that network access control (NAC) was a key component in their overall security strategy. NAC solutions provide visibility through the discovery and profiling of all devices—whether user or IoT, so that IT managers have clear knowledge of what’s connected to the network, where and when. While many organizations deploy network access control first for their wireless LANs, 52% of respondents agreed that network access control is critical for both wired and wireless networks.
Automation and AI Can Close the Security Gap
Security pros are looking to advances like artificial intelligence (AI) and machine learning (ML) to gain detect attacks faster and close the security gap. AI/ML can be used to analyze user and device IT activities like authentication, remote access, internal access to high-value resources and cloud app usage, and spot changes in behavior that are often indicative of a gestating attack.
Once an attack is detected in its early stages, the network can be used to take action, such as immediately quarantining the compromised device, forcing a reauthentication, controlling bandwidth usage, or changing its role.
In fact, 64% agreed that AI/ML is essential to detect attacks on the inside. They see strong value in AI/ML to reduce false positives, increase the effectiveness of the security team and more efficient investigations. That lessens the workload of already-overburdened security analysts and enables them to stop attacks faster.
Using AI to find attacks faster isn’t a sci-fi scenario, either. One quarter already use some form of AI/ML for security, and 26% planned to implement in the next 12 months.
Having this level of visibility and automation for your enterprise network is like having active security for your home. Now, when your teenager leaves the garage door open, you can immediately detect the intruder, and take appropriate action, whether it’s a curious racoon or worse.
Related Content
Read the full Ponemon research to understand how your security gaps and solutions compare with the industry.
CSO: The Greatest Risk to Your Enterprise is Already Logged into Your Network
