Rushing to adopt the next big thing does little to improve overall information security if the basics are not in place, says Brendan Kotze, MD of Performanta Services.
Kotze says local companies must question their maturity around endpoint and malware management. "Unfortunately, while endpoint and malware management was once a key focus, it's not seen as ‘sexy' anymore. So, most companies are not seeing full value from these investments, because they are not implementing them correctly, optimising them, managing them effectively, or aligning them to business requirements.
"It's time to get back to basics," Kotze says. "We see a cycle of purchasing where enterprises buy the next big thing based on new features or version number, but they implement the solution using nothing more than default settings. Naturally, the results are disappointing, so they lose faith in the technology and go out and buy more technology. So the cycle starts over again. It is important to recognise that the technology is just a piece of the puzzle. The lion's share of focus should rather be on people and processes."
Kotze believes many enterprises are following an ‘80-20 rule', where they spend 80% of their budget solving 20% of the problem. "But, in most cases, they already have solutions in place that could address much of their risk if they were optimised and integrated. You might say that if your perception of an endpoint solution is poor, you probably haven't implemented it properly or optimised your investment."
Believing that enterprises ‘should not blame the kit, they should blame the implementation', and ‘you cannot manage what you can't measure', Kotze will address the upcoming ITWeb Security Summit on endpoint malware management and DLP; getting back to basics; carrying out a root cause analysis; managing threats in a logical way; and creating reports that are actionable and effective. For more information about this event, click here.