Feeds:
Posts
Comments

Posts Tagged ‘netflow’

chinesehackers

Some of my ‘so-called’ friends that help organize the RSA Security Bloggers event have decided that folks that attend should actually have blogged something recently, well I haven’t so to make them happy…

With the increasing frequency and severity of advanced threats perpetrated by highly-organized and sophisticated groups and nation-states, enterprises need to realize that they are either compromised or will be soon. Traditional techniques need to be augmented with more sophisticated and exhaustive methods to provide visibility into all aspects of the internal environment – this requires continuous monitoring and analysis of all ingress and egress traffic patterns from every host on the network regardless of the source, destination or type of traffic.

There are 5 key initiatives that every organization should implement:

  1. Invest in security professionals that have strong experience with forensic investigation and incident response
  2. Implement incident response programs that complement and extend current prevention approaches to information security
  3. Deploy network security technologies that provide deep visibility into the state of the internal network and can collect, analyze and archive massive amounts of all network flow data
  4. Ensure network monitoring solutions integrate with existing network security tools, such as IDS/IPS, SIEM, and firewalls
  5. Make security awareness throughout the organization an ongoing element of the information security program

Brevity is a gift shared by very few in the security industry =)

Advertisements

Read Full Post »