Pro+ Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
March 2010

Relying on basic network intrusion detection systems isn't enough

How would you know if your organization has been breached? It's actually a simple question and the answer is often an assertion of some degree of incident detection capability. However, as one CIO wryly told me during a network assessment, if he chose to spend time and money building a detection architecture that actually worked, it might somehow prove he has security problems. Unfortunately, I don't think he was entirely kidding. Despite significant advances in detection technologies, many organizations are woefully behind the times with respect to building robust capabilities to successfully identify genuine incidents. Detection is not simply a technical toolset but a complex capability, one that ideally includes well-defined technical and process domains, managed by competent staff. Weakness in any one domain severely diminishes detection effectiveness.. Unfortunately, in many organizations, detection is simply not viewed as a strategic security capability. The result is that activities are limited to deployment of ...

Access this Pro+ Content for Free!

By submitting you agree to recieve email from TechTarget and its partners. If you reside outside of the United States you consent to having your personal data transferred and processed in the United States. Privacy Policy

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

-ADS BY GOOGLE

Close