By Simon Arnell, Innovation Consultant, Enterprise Security Services
Research originating from HP Labs, and funded by the UK Government’s Technology Strategy Board (TSB) has led to a new approach to analysing security related risks. Called Security Analytics, this research – now commercialised as a standard offering from HP Enterprise Security Solutions (HP ESS) – supports organisations‘ strategic decision making processes by providing objective, scientific evidence around several key areas of information security.
Areas featured in Security Analytics currently include Vulnerability and Threat Management (including analysis of web based infections), Identity and Access Management, and Security Event and Incident Management, and more areas are being developed in response to the changing threat landscape. This short list covers some of the hottest and most actively debated issues in information security today. Understanding how to effectively manage the controls that we put in place to minimise risk, whilst keeping an eye on costs, requires a deeper understanding of the situation than has ever been called for before.
Security Analytics is by definition a scientific approach, but that’s not something to be intimidated by. While there is a deep mathematical component to the process, this is entirely hidden to the customer and only utilised by the client as a means to capture the situation, meaning that the results are intuitively compelling regardless of your specialism, providing strategic decision support to information security management.
A key element of the Security Analytics process involves understanding how businesses themselves understand risk, and how that understanding shapes the way in which security investments are made. Making trade-offs and choosing from different courses of action are core competencies in today’s operational information security world.
Take patching as an example; the trade-off between patching aggressively – trading planned outages in favour of unplanned service disruptions – is one risk mitigating strategy, but also a dilemma.
The insight that Security Analytics offers arises from a set of decision models that have been validated against major financial services and public sector clients. The results of the analysis provide a real-world interpretation of situations that previously could only be thought of in the abstract. This level of understanding gives all involved in a risk decision making process the added confidence necessary to engage convincingly and articulately with senior representatives of the organisation.
Using modelling techniques to investigate complex situations and provide greater insight is demanding on time and resources. However, with easier access to cloud based services – like those used behind the scenes in the provision of the Security Analytics service –that which was previously unrealistic is now exceedingly practicable. The modelling process is relatively straightforward. Based on detailed discussions with the customer, models are created that when exercised against a set of pre-established scenarios (here called experiments) lead to results that succinctly capture the options available to the client whether these be people, process or technology investments, or reprioritisations.
But solving these technical challenges is not the goal; the goal is to provide compelling, objective evidence that supports information security decision making at the highest level. To hear what one client who has recently completed a Security Analytics engagement with HP ESS had to say about their experience, see the video below. You’ll hear how HP ESS worked with the University of Nottingham to examine three areas of interest. The findings of the study showed the University how best to tackle a range of solutions, and gave them added confidence as they refined their strategic plans.
To learn more about security analytics from HP ESS download the information sheet here. If you are interested in the technical detail and the role that HP Labs played in developing this technology visit the website here.
