Network & Data Security: Like Chocolate & Peanut Butter. Just better together.

Do you have a network security strategy and a data security strategy? If so, you might want to reconsider.

We’ve seen a distinct change in the nature and frequency of cyber attacks. We’ve been conditioned to think, and to organize our security teams, to guard against attacks on the network. But attackers – internal and external – have shifted their focus – they’re looking at your data. This is for one simple reason: that’s where the value is. The router, the operating system, the firewall, the IPS and other controls are simply hurdles to clear on their way to their ultimate goal: data that can be leveraged for financial or political gain.

Now, its not that your network infrastructure isn’t mission-critical. By all means, it is. But at the same time, using your network controls to address data-centric attacks is like bringing a knife to a gun fight. Just think of how many apps are in use throughout your organization and the sensitivity of the data they process. A host of off-the-shelf business applications alongside proprietary apps running the heart of your business functions. These apps are changing regularly, yet your security updates probably only happen on monthly, maybe quarterly, cycles. With these threat windows, who needs a zero-day? Compound this with the fact that there are probably very few controls being used to protect that data, and if they are, it is being done in a silo that fails to enrich the data controls with network visibility and vice versa. This gives attackers plenty of opportunity to exploit your systems and get access to sensitive data.

The cyber crime community has matured. They are now experienced and have trust groups as well as specialized skills. From carders, exploit writers and spammers, to bot herders, money launders and document forgers, this separation of duties has allowed them to scale and become more profitable by maximizing the ROI within their particular areas of expertise.  The people attacking your data are professionals, and many of them have the same if not more experience attacking as the good guys have defending.

The other complicating factor is that you’ve got probably got two different teams trying to address your security issues. Historically, security teams aren’t database administrators or application developers, they’re typically from a systems administrator or network administrator background. At the same time, your database admins and your developers don’t have a background in security. This leaves your organization with a pretty big gap to bridge when it comes to securing the organization.

So, how are you going to protect your organization if you’ve got separate network and data security strategies? With that approach, my guess is that your technologies may be pretty disparate – and while they’re useful, it doesn’t help if you can’t communicate with the other side of the house. You’ve probably got some redundant processes and overall remediation is tough. It takes more time and more money to handle the fundamental tasks needed to properly secure your organization. This extra time, extra resources and increased complexity shifts the advantage again in favor of an attacker.

This is why an integrated security strategy is critical. Both network and data security teams need to understand how users interact with your data, what assets (applications, databases, etc) need to be protected and what processes and technologies are in place to control access to those assets. Both teams need to understand the types of attacks or attackers that you’re up against and how the technologies and processes will react with countermeasures.

Apart, network and data security technologies can be so complex that the cure almost becomes worse than the disease. These tools and teams need to pull from the same resources and work in concert to provide a unified view of risk and an integrated approach to protection. This is how you get to a mature security posture, and this is how you make the playing field uneven in favor of the good guys.

At the end of day, you’re responsible for protecting the company’s brand, employee & customer data, the IP and to some degree its competitive advantage. If you have a stable, converged security program that transcends network and data, you can operate with higher level of confidentiality and integrity throughout your system. Rather than putting out fires every day you can help optimize the business.

Tags: Data Protection, Network Security