This week I did a webcast, Planning for Failure, which makes the assumption that if you haven't been breached, it is inevitable, and you must be able to quickly detect and respond to incidents. An effective response can be the difference between your organization's recovery and future success or irreparable damage. While I was working on the slides for the webcast, I started to reflect back on the 2011 security breaches that personally impacted me. Three breaches immediately came to mind:
I am excited to announce my latest research, The CISO's Guide To Virtualization Security. This is the first report in a new series focusing on securing virtual environments. The reduced costs and flexibility of virtualization have led to widespread adoption of the technology. Despite this adoption, security and risk professionals haven't given their virtual environments the attention that is required. Our research interviews revealed several themes:
Business as usual is the status quo. IT departments rely upon traditional security solutions (end point and network security) to secure their virtual environments. Depending on the network architecture, virtualization can create blind spots in your network leaving you blind to intra-virtual-machine (VM) communication.
Many security pros aren't aware of the virtualization aware solutions available on the market. One CISO we spoke with wasn't aware that his organization's current antivirus vendor offered a virtualization aware solution. This isn't necessarily surprising; many of the virtualization aware security solutions are relatively new to the market. Virtualization aware solutions afford us the ability to have potentially greater visibility into workloads than we might have in our traditional physical environment.
Many security pros have a general discomfort with virtualization. Security pros, especially CISOs and other security leaders who have risen up the technical ranks, aren't as confident in their virtualization knowledge as they would like to be. This is particularly the case when we compare virtualization with more mature security areas, such as network security.