06 Aug 2020

DPRTE Engage exhibitor spotlight: SolarWinds – The Invisible Enemy: Three Pitfalls of Defence IT Security

Writing for Defence Online,  Sascha Giese, Head Geek at  SolarWinds examines the challenges facing IT security and the how innovative technological solutions can help.

SolarWinds are exhibiting at DPRTE Engage Online 2020.

It’s well-known that the defence sector must be prepared for threats from all angles, but sometimes the focus lands on physical security versus cybersecurity. Though this is where our defence would have traditionally operated the most, over recent decades, the need for first-class IT security has become increasingly vital to keep the UK safe in a virtual sense. However, initiatives to improve IT security in most sectors are often ineffective.

The reasons for this can be attributed to three pitfalls: a one-sided perception of the threat, the implementation of initiatives with a rigid security definition, and the downgrading of IT security to a corporate role. The key to overcoming inefficient security is to understand how these challenges appear in the first place, before identifying what innovative technology solutions can help.

Pitfall #1: One-Sided Threat Perception

Often, the focus of conversations around IT security is on external threats, particularly from new technologies and the ever-increasing number of sophisticated cybercriminals in the world. Mobile end-user devices, cloud computing, and virtualisation blur the boundaries between IT applications and corporate networks. Reports of high-profile cyberattacks on prominent institutions and contractors across multiple sectors—such as the recent hacking of Interserve, the U.K.’s Ministry of Defence (MoD) contractor—mean that discussions can be primarily centred on external threats.

IT security against external threats is now indispensable for all; for the defence sector, the data organisations hold is too sensitive to put at risk. Nevertheless, this one-sided, outward-in view does not provide a complete picture of threats that organisations face. A simple mechanism is at work here: people tend to externalise security problems.

As a result, the walls protecting the organisation’s network from the outside are built increasingly higher, while the ease of access within the network can be overlooked. “Insiders,” who often move freely within a network, can be ignored unintentionally, and many users end up with access to large quantities of knowledge and data. Databases and file servers may become exposed to unauthorised use, misuse, disclosure, or even destruction.

Pitfall #2: Restricting Security by Definition

One of the biggest challenges with security initiatives is the fact that they focus on security. It’s too abstract a concept in itself to provide recognisable value to the end user. IT security incidents, particularly within the network, are rarely identified and thus remain beyond the experience of most employees.

To make matters worse, interventions—the sole aim of which is to increase security—can limit the work processes of users. This results in deviations from any new guidelines that the defence sector is expected to follow, which leads to the exact opposite of the desired results. The basic problem is security and efficiency normally conflict with each other.

The key point is  IT security measures must also offer tangible benefits for users. When this isn’t the case, the intervention is unlikely to be accepted. It’s therefore advisable to change the focus. The question should no longer primarily be how to increase security, but rather how to simplify existing security processes.

Pitfall #3: Constraining Security Development

As IT security has become increasingly crucial, multiple new roles have had to be developed to keep pace, such as data privacy specialists and information security managers. This is a significant change for defence organisations to manage. But many are still under the illusion that their security issues are then fully resolved. Unfortunately, security expertise within the organisation is also often completely centralised within certain roles and therefore restricted to these roles alone.

The problem with this is security expertise is siloed, which makes it difficult to expand. Aspects of it should be developed in a decentralised manner within the organisation, at least within senior management. The identification of sensitive information, knowledge, and data—and who should have access to these—can only be determined by the data owners within the different departments of an organisation. Given the vast amounts of sensitive data in the defence sector, it is crucial that only necessary users are given access to any one piece of it.

Make ARM Part of Your Armour

The solution to these challenges is access rights management. The practice is designed to help IT and security admins quickly analyse user authorisations and access permission to systems, data, and files, thereby helping them protect their organisations from the risks of data loss and breaches. Simply put, access rights management can help make user provisioning, deprovisioning, tracking, and monitoring easier, while minimising exposure to insider threats.

A quality access-rights-management tool establishes the conditions for implementation of internal IT security with five basic services:

  • Permission Analysis – Allows administrators to determine the access-rights situation within the network for the first time for resources
  • Documentation and Reporting – Gives visibility to access-rights histories and reports, which can be generated quickly and sent automatically to senior management, IT managers, data privacy specialists, and auditors
  • Security Monitoring – Allows the detection of security-relevant activities on the network and file servers, closing a major security loophole; self-assigned access rights intended for data theft no longer fly under the radar
  • Role and Process Optimisation – Allows data owners to be nominated for each area, who can then assign access rights for their users and create protected directories for sensitive knowledge on the file server
  • User Provisioning – Covers the setup of new user accounts, rights management, and editing of account details

As the number and sophistication of cyberthreats continue to rise year-on-year, the defence sector should consider the benefits of prioritising IT security and strengthening its security posture. After all, though some might think national defence is about armies against physical threats, the risks of the digital landscape can be just as dangerous.

SolarWinds will take their place at the DPRTE Engage Product Showcase, which offers an invaluable opportunity to engage and develop new and existing partnerships with a wealth of leading suppliers who are actively delivering a diverse range of innovative products and services that can support both current and future procurement requirements.

For the private sector suppliers, the product showcase conversely provides a unique platform to connect with over 1,500 key decision makers from throughout the full defence acquisition supply chain. 

Delegate registration is now open

In addition, a final few virtual exhibition product showcase opportunities are still available. For further details, please email exhibitions@dprte.co.uk or call 0845 270 7066.

Defence Online is the official media partner of DPRTE 2020

If you would like to join our community and read more articles like this then please click here.

 

If you would like to join our community and read more articles like this then please click here.

The post DPRTE Engage exhibitor spotlight: SolarWinds – The Invisible Enemy: Three Pitfalls of Defence IT Security appeared first on Defence Online.