CSOs consolidating security as users’ “short memory spans” foster ongoing issues: exec

“Short memory spans” are continuing to exacerbate organisational security shortcomings and accelerating a trend away from point security solutions in favour of fewer, better integrated platforms, a senior regional security executive has reported.

Innovation in the security space had rapidly improved technologies but many vendors “tend to build for themselves unless they're out there trying to get feedback and understand the issues that real folks are seeing,” Intel Security CTO Mike Sentonas told CSO Australia.

“With the sheer amount of attacks that keep happening, the biggest question I still get is 'how do we reduce suppliers and work with one or two strategic vendors?”, he continued. “While it's interesting to see all the innovation in the space, there is also a bit of concern starting to creep through. Customers want to buy a product and consolidate it very quickly, for ease of use and strategic sourcing.”

That demand had seen changes in customer conversations in the wake of the assimilation of Intel Security – formerly security giane McAfee – into the Intel organisation: “A year ago, people were going down the path of buying so many tools but they're pulling back from that,” Sentonas said. “People want to know more about how they can create an ecosystem of products.”

This change in midshift had emerged as organisations increasingly look towards getting better visibility over their security infrastructures, with consolidation necessary to fully utilise the capabilities of cutting-edge security analytics tools that processes masses of data to pick out potentially problematic anomalous behaviour.

Yet better tools are only part of the solution, Sentonas added: despite all the security precautions in the world, he warned, organisations were still being hit over and over again by the same sorts of problems because users are fundamentally creatures of habit.

“We've got a pretty short memory span,” he said, referencing incidents such as the recent Ashley Madison hack, which has produced significant consequences for users that not only accessed the site but did so using corporate credentials.. “We like to use technologies, services, and apps. The want to use them far outweighs the security concerns they raise, and we will probably do that again and again.”

Given this inevitability of user behaviour, it is increasingly up to security practitioners to implement the platforms capable of monitoring such behaviour and picking out meaningful anomalies. Driving real change in security behaviour would only come over time, Sentonas warned, as repeated efforts to tighten controls in the back end – for example, through the security mandates of the federal government's Digital Transformation Office (DTO) – slowly began to pay off.

“It's such a difficult problem, and things are happening so quickly on the attacker side, that in making small steps you really won't see a lot of value from them for a long time,” he explained. “You'd have to do something drastic to get an immediate payoff.”

Read more: ​Global Citrix execs oversaw rewriting of mobile apps to secure Australian PROTECTED-level email tick

Yet with continued hacks occurring, he said, there are signs that a change in attitude is at least setting organisational philosophy on the right path: “security is really becoming top of mind for not only businesses and governments, but for everyone,” he explained, “and your security approach is going to capture everyone alnog the way. They're all wanting to know what their part to play is.”

Join the CSO newsletter!

Error: Please check your email address.

Tags dataDigital Transformation Office (DTO)mcafeesecurity shortcomingsMike SentonasShort memory spansCSO Australiasecurity executives

More about CSOCustomersIntelIntel Security

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts