Guest Blog: The Biggest Threat to Security

Aruba’s Security Sales Specialist Richard Leadbetter discusses the role of security across wired and wireless networks.

Regardless of the changing types of attacks, one consistent threat regularly hits the top spot; people. The human factor all too readily providing misplaced trust and casual clicks that lead to media fanned disaster. It’s a valid concern but the problem I’m seeing rise the fastest is the worrying lack of trained cybersecurity staff to help businesses protect themselves, and to respond when things go wrong.

The situation is only getting worse – it is predicted that around 2 million cybersecurity roles will be left unfilled by the end of 2019. There’s no quick fix for finding that amount of people…there’s no 4 day training course for this one.

Assuming that these people are not going to magically arrive at your doorstep, what should we do to alleviate the resource problem in the short term?

Cross-train existing IT staff to assist with some security duties?

In that case, we first need to free up some time from IT. With it being estimated that spend on network operations is between 2 and 3 times the cost of the network it’s clear that something needs to be done to reduce the complexity of everyday tasks – and hopefully, significantly reduce mistakes at the same time. Whilst on the training theme, why not provide better (more impactful) security awareness training for all staff? Maybe the once a year phishing training isn’t quite what it was cracked up to be?

Help automate processes between security and management systems

With the average enterprise now having over 35 separate security products there’s a need to streamline how we can access the useful information from each – and to share that context between systems. Remember, with the skills shortage also provoking wage rises the chances of having fully trained staff on each and every product is increasingly slim. Anything that can save time on getting the most relevant info from all platforms, and therefore save time on individual investigations, has to be a good thing.

Make sure we’re investing time and money in the right areas

Security is always full of this year’s silver bullets – some will stand the test of time, some probably won’t. Regardless, we have to get the basics nailed down first to provide a secure foundation for future projects – there’s very little point in investing in the latest generation monitoring system if we’ve left the front door wide open.

Finally…

…and this is one aimed squarely at the providers of security solutions – we need to provide solutions that don’t impinge on the user and business experience; otherwise we only pre-empt the worse outcome for everyone which is to simply do nothing.

Alleviate these challenges with Aruba ClearPass. With Aruba ClearPass you get agentless visibility, dynamic role-based access control for seamless security enforcement and response across your wired and wireless networks.

Author: Richard Leadbetter, Security Sales Specialist, EMEA, Aruba Networks