The catch: culling all of that information into a meaningful view.
Threats against business-technology systems are quickly evolving, and Zions Bancorp is moving toward a consolidated view of its security posture so it can more effectively spot weaknesses and mitigate the risks of a successful attack, says Preston Wood, chief information security officer for the $1.9 billion-a-year company. "The time between when a [software] vulnerability is discovered and a worm appears is shrinking," Wood says.
Zions Bancorp is deploying Skybox View from Skybox Security Inc. to harvest information from various security technologies--including intrusion-detection systems, firewalls, antivirus software, and software-vulnerability scanners--into a consolidated view. While a software vulnerability in a widely deployed application may surface, that vulnerability, because of firewall rules or other security defenses, may not truly pose a risk to an organization. With Skybox, Wood says, he's able to see if the bank's systems are at an immediate risk, or if patching systems could wait a few weeks. "It lets us mitigate risk more smartly, and we can better dedicate resources and deal with the important issues," he says.
Wood isn't alone in his security efforts. A full 82% of the 300 business-technology managers polled in the InformationWeek Research Outlook for 2005 study, part of our quarterly Priorities series, ranked updating their security procedures, tools, and services as their top business priority, and 67% of companies will work to improve their network security-management software. Security outweighed business optimization (80%), improving customer service (79%), and even boosting worker productivity (74%).
Western Corporate Federal Credit Union also is working to get a complete enterprise view of risk, says Chris Hoff, chief information security officer and director of enterprise security services at the financial-services cooperative. WesCorp's goal is to invest its security budget in the right areas. The company's big security efforts next year will include identity management, single sign-on, and additional wireless security, Hoff says.
Hoff and his security team at WesCorp will integrate vulnerability-management software from Qualys Inc. with Network Intelligence Corp.'s security-event-management and Skybox View software. This will provide WesCorp with what Hoff describes as "actionable intelligence."
"When it's patch Tuesday and you have large server farms and thousands of systems, you need to know if you're truly at risk," he says. WesCorp's integrated security system will tell Hoff if systems actually are vulnerable to a security flaw, or if the defenses in place already are protecting them. Says Hoff, "It's more about reducing risk and demonstrating business value than simply technology mumbo jumbo."