Blog single

From Protection to Prevention

“Adapt a risk-based security program that prioritizes data and assets most important to business and focus on detection, response and remediation.”

Enterprise security today is a corporate culture, rather than norms and mandates. What would be the golden rule for any modern organization to initiate this culture?

The fact that it is almost impossible to foresee all threats and vulnerabilities, makes any corporate security program, reactive, rather than preventive. It’s time to shift focus from protection and prevention. Enterprises also need to realize that it is not possible to protect everything and hence prioritizing what needs to be protected is of ultimate importance. One golden rule for corporates would be: “Adapt a risk-based security program that prioritizes data and assets most important to business and focus on detection, response and remediation.”

Let us come out of the clichés of ‘security is a shared responsibility’ and ‘Every employee is a potential target’……etc. Where are we falling short?

With the influx of IoT and a profound liking for cloud by enterprises, the vulnerabilities and potential entry points for breach increases exponentially. It’s virtually impossible to restrict the devices and applications coming into the enterprise network or restrict external users accessing your business applications. In such a scenario, all that needs to be done is to ensure that the most critical assets are protected and are not being accessed by outsiders.

Discovering, tracking, reporting, solving, mitigating, or preventing— where does your core strength lie and how can enterprises build an end-to-end visibility for advanced threats?

Our core strengths lie in discovering, tracking, reporting and preventing.

Enterprises needs to invest in security programs that work in tandem and not in silos.   This helps bring full visibility across networks, endpoints, cloud, virtual machines and logs and present a complete picture what’s going on in the enterprise network. It is equally important to be able to transform the data collected into intelligence.

When the discussion on ‘Security’ leaves the boardroom, how welcoming are your solutions to the CIO/CISOs? How can they build a robust infrastructure with you?

ValueMentor places great importance in understanding the challenges in business faced by our partners. This is crucial in creating wholesome solutions for their security needs. Solutions provided in silos are ineffective in the long run. Our approaches are responded positively by our partners.

How should various securities co-exist in an enterprise (if they should)? What kind of involvement or engagements can an ‘all-round’ security architecture expect from the vendors?

Various security approaches functioning within an organization cannot function in silos, it only weakens the system. An effective security architecture is the one which is holistic and integrated in its functioning, evolving with the ever-advancing antics of the hackers. An all-round security architecture should take into account, application security, host security, network infrastructure security and security policies and procedures.