Thales Blog

Lessons Learned At RSA: APT Protection Via Data-Centric Security

March 11, 2013

Data SecurityAfter talking with customers, prospects, partners, investors and other industry players at RSA Conference, Pacific Crest’s Emerging Technology Summit and AGC Partners’ Technology Growth Conference, it's clear to me that the growing focus on data security is only going to intensify in the coming months. Data is the new currency, it has immense value, and everyone is fast coming to the realization that protecting it is no simple matter.

As recent weeks have evidenced, the APT tornado is getting larger, gathering speed and becoming ever more dangerous. More ominously perhaps,  we're all in its path of destruction. No one is immune, and legacy approaches such as perimeter security and simple encryption are not able get the job done anymore. Perimeter security is largely irrelevant because the barbarians are already inside the gate, and simple encryption (i.e. disk encryption) gives a false sense of security; while it does encrypt, it  lacks policy control which is vital to protect against the rising tide of privileged user exploitation. Moreover, while much of the world believes that compliance = safety, it doesn't. "Check box" security may give some level of comfort, but like a placebo, it does not offer any real protection against today's sophisticated cyber attacks.

Whether we like it or not, the APT landscape will continue to evolve and attacks will become even more sophisticated. The risk to valuable data is always present and no one can rely on "flying under the radar" anymore.  It’s time for enterprises, cloud service providers and government organizations alike to take a policy-based data-centric security approach, adding multiple layers of defense to protect the very thing that matters: their sensitive data.

In fact, the best way to reduce the attack surface of APTs as well as yield high-value security intelligence is by putting in place advanced encryption and key management technologies, strong data-centric policies, and a set of fine-grained controls. Doing this will enable you to: 1) control root-level access, thereby reducing privileged user exploitation; 2) render sensitive data useless to attackers because it's in an unusable state; and 3) thwart attacks — from both outsiders and insiders — by gaining insightful security intelligence that identifies unusual activity patterns and high-risk activity and behaviors.

The bottom line is that you can protect what matters. You just cannot do it relying on legacy data security approaches like disk encryption or perimeter security. You have to get a data-centric security plan in place, and the time to do that is today.

Alan Kessler is Vormetric’s President and CEO. Follow him on Twitter @kessalan.