[Deloitte]Cyber Intelligence | Tech Trends 2011
Quan pensem en la seguretat de la informació en el món de l’empresa, se’ns ocorren molts conceptes que no són del tot equivalents: seguretat informàtica, seguretat de les dades, seguretat a Internet, etc.
Per això, s’estan concretant més alguns termes i, per exemple, quan parlem de la seguretat en relació a Internet, comencem a parlar del terme ciber-seguretat.
En el seu informe sobre tendències tecnològiques, Deloitte recull l’evolució de la ciber-seguretat a la ciber-intel·ligència. Vegem-ne un extracte:
| What were the challenges? | What’s different in 2011? | |
|---|---|---|
| Cyber security | Many cyber security efforts were geared toward perimeter intrusion protection and detection. As threats shifted inside the trust zone, new tools and techniques were needed.Identity and access management solutions were subject to systems silos – with isolated entitlements, activity logging and controls. Limited context of surrounding events made pattern detection of higher-order threats extremely difficult.
Technology solutions were manual, perceived as nuisances to the business and often circumvented. The Chief Security Officer (CSO) or CISO, if they existed at all, were typically technologists with deep domain knowledge, but without a seat in the boardroom. |
Cyber security is increasingly framed as a combination of architecture, practices and processes – with equal focus on internal and external threats.Highly integrated tool sets and investments in cyber analytics have helped connect dots and identify previously undetectable exposures.
Automated identity management tools are incorporated into day-to-day tasks, including smart cards, biometrics, fingerprint and handprint scanners. CSO role has become common-place, possessing a mix of technology and leadership skills and a seat at the executive table. |
A més de l’evolució de les amenaces i dels controls que hi podem aplicar, apareix la idea de fer servir tècniques analítiques per millorar la protecció, i anticipar-se a les amenaces. Així és com es defineix a l’informe:
Analytics: Effectively studying associations between people, organizations and other security-relevant data elements across systems and organizational boundaries requires broad capabilities, including data management, performance optimization and advanced analytics- integrated with system log files, storage, physical security systems and mobile profiles. Predictive modeling outputs are used to automate control updates, complemented by visualization to allow manual exploration of information. Additional value can be derived by providing insight to line-of-business decision making – ranging from fraud prevention to vendor management contracting.
Aquest salt en la maduresa de la prevenció d’atacs i incidents informàtics, el fet de passar de protegir a preveure i anticipar-se, és el que porta a parlar de ciber-intel·ligència.
Enllaç: Cyber Intelligence | Tech Trends 2011| Deloitte Consulting LLP.
El bloc de d'Artagnan 
leave a comment