As you may have known, Sourcefire, the leader in intelligent cybersecurity solutions, was acquired by Cisco recently in a deal worth approximately US$2.7 billion. In this article contributed by Ivan Wen, Country Manager, Sourcefire Malaysia exclusively for VERNONCHAN.COM, Wen talks about understanding our environment and threats to help identify dangerous conditions to mitigate the impact of a cyber attack and prevent future attacks. Read on.
How many times do we hear about people failing to heed warnings of potential danger from natural or man-made disasters only to be negatively affected? It all boils down to the fact that we tend to view the outcome as the indicator of success or failure. In the case of a near-miss, the outcome is positive so our natural tendency is to consider it a success. With enough ‘successful’ outcomes complacency can take hold along with a false sense of security; past experiences influence individual assessments of risk and lead us to make more risky decisions.
On the flipside, if we change our perspective and view the outcome of a near-miss as a near-failure, then we can take steps to minimize risk in the event of disaster. To do this we need to put a premium on safety. Leading automobile manufacturers have a long history of doing this successfully. Automobile manufacturers demonstrate that if we identify near-miss events as near-failures and then use them as an opportunity to recognize and correct dangerous conditions, we can actively reduce risk and move towards true success.
This same approach should be applied to cyber security where complacency doesn’t just cloud our ability to assess risk, it actually compounds risk by creating vulnerabilities. That’s because security is temporal. An organization may be safe today, but what about tomorrow? Business models are evolving, attack vectors are evolving and attackers are evolving too. Organizations are up against persistent and astute attackers that are taking advantage of dynamic environments and gaps in security to penetrate the networks.
As a security professional dealing with this reality it’s more important than ever to be able to identify near-miss events and take action, turning them into opportunities to enhance security. Below are a few key considerations when evaluating technologies and processes to support this effort.
Open. To deal with dynamic environments organizations need access to global intelligence, with the right context, to identify vulnerabilities and take immediate action. An open architecture lets allows the sharing of the latest threat intelligence and protections across a vast community of users for collective immunity. It also enables an easier integration with other layers of security defenses as your IT environment and business requirements change.
Integrated. To eliminate the gaps in security that attackers are exploiting, organizations need technologies that work together to secure networks, endpoints, virtual environments, data centers and mobile devices. Whatever form factor that the business requires – physical, virtual, cloud or services – look for solutions that enable the improvement of security controls with central policy management, monitoring and distributed policy enforcement.
Pervasive. Policies and controls are important to reduce the surface area of an attack, but threats still get through. Given today’s sophisticated and malicious attacks, organizations need defenses that address the full attack continuum – before an attack happens, during the time it is in progress and even after it begins to damage systems. Organizations also need to address all attack vectors including network, endpoint, mobile, virtual, email and web. Pervasive protection is the only way to detect, understand and stop targeted malware and advance persistent threats and avoid the ongoing damaging effects of a deeply rooted, long-term attack.
Continuous. Advanced attacks do not occur at a single point in time; they are ongoing and require continuous scrutiny. A security infrastructure based on the concept of awareness, one that can aggregate and correlate data from across the extended network with historical patterns and global attack intelligence, enables an organization to discriminate between active attacks and simply background noise. This helps to zero-in quickly on a malicious attack, take action to stop the threat and use that intelligence against future attacks.
There’s a lot we can understand about our environment and attackers to help identify near-misses and correct dangerous conditions to mitigate the impact of an attack and prevent future similar attacks. What’s needed is a realistic approach to security so an organization can see a near-miss for what it truly is – a near-failure. With that perspective, we avoid the trap – and risk – of complacency and gain more effective security.
About Ivan Wen
Ivan Wen has been appointed the Country Manager of Sourcefire Malaysia since January 2011. In his role, he assumes overall responsibility for driving business growth and profitability of Sourcefire in Malaysia and leading the planning and strategic direction, sales and support operations of the business.He also plays a key role in increasing customer satisfaction, working alongside the Company’s network of channel partners responsible for all Sourcefire’s business operations here in Malaysia.
Mr Wen has over 28 years of sales and management experience with proven track records in several Multinational Companies (MNCs). Prior to joining Sourcefire, he was the Country Manager for Tipping Point, the network security division of 3Com.
He started his career in NCR Malaysia as a Trainee Marketing Representative and worked the ranks to becoming a Sales Director. From 1989 to 1996, he was based in NCR Singapore. In January 1998, he joined Fujitsu Malaysia as a Sales General Manager for Fujitsu Malaysia. That followed on by Mr Wen joining Lotus Sales and Services Malaysia in August 2000 and becoming the Country Manager for Malaysia. In March 2004, Mr Wen started F5 Networks Malaysian operations and led the company to a market leadership position in the Application Delivery Controller market in Malaysia.
Mr Wen holds a MBA from Henley Management College of London. He has received strings of recognitions and awards along the years.