Refining, practicing security response tops 2015 security priorities: Dimension Data

A growing profile for managed services and the adoption of cloud-based security services are among the key security priorities expected to define the market in 2015, Dimension Data security experts have advised based on their regular interactions with clients during 2014.

Topping the list of priorities was the need to focus on incident response as well as incident prevention, group general manager for Dimension Data's Security Business Unit Neil Campbell advised, with organisations encouraged to conduct regular 'fire drills' to ensure that IT and management teams are regularly kept up-to-date with the best response to a security incident.

These responses might include recovering evidence, identifying and resolving the root cause of the incident, and conducting a forensic investigation. “It's inevitable that security incidents will occur,” Campbell said in a statement.

“It's therefore critical that organisations begin to focus on identifying what we call 'indicators of compromise', putting a comprehensive incident response plan in place, and performing regular IT security 'fire drills'.”

Supporting these efforts will be an increased focus on managed security services, which will grow in importance as the task of monitoring an ever-expanding threat base becomes more complex. Since many organisations lack the skills to respond to this threat inhouse, Dimension Data found, embracing managed security services has become a significant priority for many during 2015.

Third on the list of priorities is the shift towards cloud-based IT security, leveraging cloud scalability to deliver security solutions to large numbers of users. Such solutions will also increasingly be used to secure cloud applications, which present new security challenges for cloud providers and users alike.

“It's no good adopting [cloud] only to be told by auditors a year later that your cloud provider's security controls aren't up to scratch,” Campbell said.

“We'll see cloud providers investing heavily in building rich network architectures that support the gamut of security controls, so that they can assure their clients that enterprise-grade security technologies are being applied to their workloads.”

Fourth on Dimension Data's list of priorities for 2015 is the shift from viewing security as a collection of discrete products, as in the past; instead, security will become a unified platform – a 'single pane of glass' – through which organisations can manage their security assets. This approach not only provides more flexibility in security and management of security, but supports organisations' increasing demand to deliver and secure mobile solutions for their users.

Completing the company's list of expected priorities in 2015 is the need to improve endpoint security, which Campbell said has come “back in vogue” as security professionals find their existing security controls aren't as effective as they used to be.

Application control frameworks are expected to make a resurgence in 2015, with a focus on identifying malicious behaviour at the endpoint instead of trying to catch the code itself.

This trend, Campbell said, ties closely with the focus on incident response: “at some point someone is going to click on something they shouldn't,” he said, “so organisations must be proactive about managing the impact of such events.”

“Security professionals will be looking at devices for indicators of compromise, and then enabling some form of incident response. They'll deploy technologies to make incident response easier.”

This article is brought to you by Enex TestLab, content directors for CSO Australia.

Upcoming IT Security Events

Feb 3rd, Feb 4th, Feb 6th 2015

Join @NirZuk #PaloAltoNetworks for Breakfast (lunch in Auckland) on keeping your enterprise safe from risk. Cyber attacks continue to increase in volume and sophistication leaving traditional security practices completely ineffective. 

Register Today Seats are limited

March 3rd, March 5th, March 9th 2015

Join CSO for the day@#csoperspectives and hear from @kimzetter @frankheidt

3 International Keynote speakers, 36 Key IT Security Industry Speaker, 21 Exhibitors, Security Analysts and many more.. Register today

Dont miss one of the biggest IT Security events in ANZ (registration is free, but seats are limited)

Join the CSO newsletter!

Error: Please check your email address.

Tags Neil Campbellsecurity responsecloud-based securityEnex TestLabdata securitysecurity priorities2015dimension dataCSO Australia

More about CSODimension DataEnex TestLabIT Security

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts