PHOTO - (from left) Wong Loke Yeow, regional marketing director, Enterprise Security Products, HP Asia Pacific and Japan; and Richard Archdeacon, CTO, Strategy and Technology, Enterprise Security Services, HP.
Technology solutions giant HP's enterprise security experience has been brought to the fore with the global announcement today of new additions to its security solutions portfolio, said HP Malaysia. These changes cater to a need for a more proactive, strategic approach using security intelligence and governance, as shown by a new study from Coleman Parkes Research.
Speaking in Kuala Lumpur on 7 September 2012, HP Enterprise Security chief technology officer, Richard Archdeacon, together with HP Enterprise Security products regional marketing director, Wong Loke Yeow, outlined some of the background that led to HP's decision to launch its new enterprise security portfolio.
"Security is fundamental in everything we do; it has been built into all our services and products for many years, and in some respects this expertise has been a secret that not even many of our staff is aware of. For example, the banking industry has for some years used hardware security processors among other solutions from the HP Atalia Network Security group, which also uses key block to securely store and control all keys used with Atalia banking products," said Archdeacon.
"While security is built into all of our solutions, our focus is a whole strategic security and risk management approach rather than endpoint," he said. "HP's multi-level open strategic, integrated security infrastructure approach is a discrete proposition that brings together the current rather fragmented, siloed security environment in most enterprises both in Asia and around the world."
"Business metrics as well as technological tools, and services are brought to bear on people, processes and IT tools in enterprise. In a sense, the open framework approach allows us to offer a complete strategic and implementation service: HP is a best-of-breed SI, or security integrator," said Archdeacon, adding that the company has managed security presence in all major verticals, which include banking, manufacturing and the public sectors.
"The emphasis is to shift security away from a reactive to a more proactive stance with the better use of intelligence, especially with solutions such as HP Enterprise Security Intelligence platform to identify critical weak areas across the enterprise," he said. "The ability to measure and monitor through advanced analytics is possible through 360 degree security monitoring and proactive testing through such a solution as HP ArcSight."
HP's Wong cited global research from Coleman Parkes Research that indicated security is no longer viewed as an add-on. "IT security officers now have a seat at the upper management table as the role of intelligence can avoid many situations. According to the study, organisations in Asia Pacific and Japan are becoming more proactive in their approach to security, with more focus on strategy, governance and security intelligence."
The Coleman Parkes Research study, commissioned by HP, comprised 550 interviews among senior business and technology executives within enterprises (more than 1,000 employees) and midmarket companies (500-1,000 employees). The interviews were conducted via phone in July 2012. Regions included North America (United States and Canada), Europe and the Middle East (Czech Republic, France, Denmark,
No single silver bullet
Archdeacon added that the study also showed that 80 percent of senior business and technology executives surveyed said their organisations' security leadership has a seat at the table with other C-suite executives. Additionally, security intelligence is on the rise with 82 percent of respondents indicating that they are exploring Security Information and Event Management (SIEM) measures.
"However, more focus is placed on reactive security measures than on the more important area of proactive security measures," he said, adding that one example showed that more than half of respondents said time and budget spent on reactive security outweighs investments in proactive measures. "Less than half (48 percent) currently have an information risk-management strategy in place, and 48 percent manually consolidate information risk-management reports or do not measure risk at all, which hinders their ability to proactively anticipate threats."
Executives surveyed also expressed concern that new technologies present unfamiliar and complex security problems, added Archdeacon. "Cloud computing continues to be a top security concern, but research suggests that the problem is an education issue rather than a technology issue. The majority of respondents said the biggest challenges around cloud stem from a lack of understanding of security requirements (67 percent) or procuring services without screening the service provider (66 percent). However, more than two-thirds of respondents believe that cloud services can ultimately be as secure as their on-premises data centres."
The executives identified IT trends that are adding complexity to enterprise security management, which include:
1. Mobility: More than three-quarters (84 percent) indicated difficulties in central device management, while almost two-thirds (61 percent) indicated that the proliferation of mobile devices increases the potential for data loss or theft.
2. Big data: More than three-quarters (76 percent) of respondents cited difficulties protecting and consuming big data.
3. Identity management: Respondents indicated that the biggest issues around identity management are data protection (80 percent) and identity governance (73 percent).
4. Printer-based intrusions: Although data security is a priority, 80 percent of respondents do not have printing security solutions in place, which makes them vulnerable to printer-based intrusions and misappropriation of printed documents.
Threats continue to grow in sophistication, persistence and unpredictability, he said. To handle these complex threats, organisations need to adopt a proactive, sustainable approach to information risk management.
"HP intelligent security solutions is a framework made up of integrated solutions as there is no single silver bullet," he said. "These help clients assess, transform, optimise and manage their security environments to protect the assets that matter most to their organisation."
ATOM and security intelligence
"HP uses ATOM - assess, transform, optimise and manage - as a transformative process," said Archdeacon. "Measurements or metrics play an important part. To paraphrase a scientist from the 19th century, if you can't measure something, you probably shouldn't do it."
"The open approach allows for different solutions from other vendors," Wong added. Reporting tools such as HP ArcSight Logger, which allowed for cost-effective log management, include unified searching, reporting, alerting, and analysis across any type of enterprise machine data for IT GRC, IT Operations, SIEM, and Log Analytics.
New announcements to HP security solutions portfolio today include HP Data Center Protection Services, HP ArcSight Enterprise Security Manager 6.0c (security monitoring), HP TippingPoint NX Platform Next Generation Intrusion Prevention Systems (NGIPS), as well as a mobile application for IT security professionals that uses data from HP Digital Vaccine Labs (DVLabs). For Android, iOS and webOS devices, HP Information Security Pulse, is also available at no additional cost to help security professionals address risks that may affect their environment.
"To use the analogy of a car, solutions such as HP TippingPoint NGIPS would pick up on the driver and not just the vehicle details including the licence plate," said Wong. "Analysis and reporting will help to point to vulnerabilities in an organisation such as door security in a facility. To have useful security intelligence, which requires the ability to handle millions of data points, also points to a need for efficient data storage. One client, a national military organisation has to track about one billion events a week."
A solution to help meet this need lay behind the introduction of HP Security Pulse, said Wong. "Such solutions are driven by intelligence from several research centres, which include HP Labs, DVLabs, Software research labs, as well as the Lighthouse project. HP also has built a community of about 1600 independent researchers that could be described as 'Whitehat hackers.'"
Archdeacon added that HP operated responsible disclosure, which allowed vulnerabilities to be pointed out to a solution's vendor/provider. "This is an industry initiative, which allows 30 days for the fix, before the vulnerability is made public."
Both Archdeacon and Wong agreed that companies in Malaysia and the rest of the region were not taking a back seat in security. "Risk based security has always been top of mind for practitioners, which an integrated framework proactive approach would help stop or mitigate many security situations," he said.
"The collaborative focus on intelligence is drawn from our security experience," he said. "Rather than start with tools - such as for instance, MDM (mobile device management) - enterprise needs to take a proactive approach to such a challenge as managing BYOD (bring your own device), big data, and cloud computing trends. The proactive strategic framework approach that uses security intelligence and risk management will help to create the most effective policies and point to the right tools and solutions for enterprises."
Sign up for Computerworld eNewsletters.