The biggest information technology security challenge for companies is detecting and responding to threats, according to Rob Sadowski, director of marketing at security company RSA.
However, many businesses are still wrongly focused on outdated IT security tactics, trying to prevent attacks by using antivirus software and firewalls rather than aiming to detect inevitable intrusions and then prevent or contain damage, he said in an interview at the company’s annual RSA Security Conference in San Francisco.
“Defences are often built for yesterday’s IT,” he said.
“Companies are warming to that idea that it now isn’t if, but when, they will be attacked. But for that not to be a fatalistic point of view, what do you do?”
The goal is to have systems, and increasingly, well-trained IT specialists in the company that can recognise an attack when it is happening, and detect it as early as possible to limit loss, he said.
A recent survey of companies by RSA indicated three out of four organisations were “very dissatisfied with their ability to detect and investigate those threats,” Mr Sadowski said.