Discover Performance

HP Software's community for IT leaders // February 2012

What ‘security intelligence’ really means

To secure your enterprise, you must have an integrated view of your data and IT systems at all times.

With cyber-attacks gaining in frequency and sophistication, and the rising cost of a security breach averaging $9.2 million in 2011 [1], companies can’t afford to be without an integrated, enterprise-wide security perspective. Yet security solutions have usually been applied as “bolt-ons” rather than integrated into a larger enterprise security strategy or framework. Multiple security technologies—many of them architecture-specific—provide no real intelligence into how well your enterprise is securing an explosion of data and the systems through which that information flows.

“There’s a fundamental shift in how companies are thinking about security,” says Tom Reilly, vice president and general manager of HP Enterprise Security Products. “It’s not just about defense in-depth, but about how we get security intelligence, how do we understand where our greatest risks are and how do we detect where we have been breached.”

In response to these issues, the phrase enterprise security intelligence (ESI) has made its way into the CISO’s vocabulary. Introduced by analyst firm Gartner, the ESI concept calls for a holistic perspective on risk and vulnerability—in other words, an elimination of silos.

Without establishing ESI in your organization, it’s impossible to know where you stand on this score. Say, for example, a user accesses secure company data at 7 a.m. from Los Angeles. If that same ID is used to log in six hours later from Eastern Europe, a system made up of many disparate point products might not catch the discrepancy. The problem is siloed security—the solution is comprehensively correlating security information, and providing context eliminates silos.

Establishing ESI in your organization

Enterprise security intelligence springs from the ability to correlate information and context, as well as the correlation of technologies themselves. There are two key components to accomplishing the goal: technology and information. You have to ensure that your security systems can “talk” to one another. And you must be able to take the data coming from multiple IT systems and make sense of it all.

Knowing exactly what information your organization lacks to achieve ESI requires that you assess your needs based on your individual compliance requirements, risk tolerance and the type of proprietary information you must secure.

Of course, your industry and region, and the regions in which your partners operate, will also affect your information security needs. After a broad assessment, you can prioritize more specific requirements. Imagine what you want your security environment to look like three to four months from today, and rank the importance of such things as:

·         A universal security dashboard

·         Comprehensive reports

·         Automated solutions

Test-driving ESI

Running pilot tests of solutions that offer a holistic view is the best way to see firsthand what works in your organization. Testing solutions individually and in head-to-head “bakeoffs” helps ensure their efficacy, of course, but also demonstrates how easily they can be integrated into your existing security solution landscape.

And you might discover a winner right off the bat. When University of Washington Medicine tested the HP TippingPoint Intrusion Prevention System, the IPS prevented so many attacks that the UW Medicine security team decided it couldn’t risk uninstalling it. With the HP TippingPoint IPS, UW Medicine blocks more than 2 million attacks each week, including worms, viruses, Trojans, Web server assaults, denials of service (DoS) and other malicious activity. [2]

By establishing ESI in your organization as a basis for your security strategy, you’ll enable your team—and your fellow executives—to maintain a clear, universal view of the organization’s security and risk management profile. You put yourself in the ideal position to build security into a variety of emerging technologies that are likely to become of greater concern to CISOs, most notably cloud computing and mobile technology.

“We as IT professionals are changing the landscape right underneath our feet,” Reilly said in a video interview at ArcSight Protect 2011. “IT inherently increases risk. Your job is to minimize risk.

For more about developing your enterprise’s security intelligence, visit HP Enterprise Security.

[1] Second Annual Cost of Cyber Crime Study, Ponemon Institute, August 2011.
[2] “University of Washington Medicine Thwarts 803,000 Zotob Attacks in Week-Long Attack at World-Renown Medical Center,” HP customer case study, July 2010.


IT leader assessment

This tool evaluates the correlation between IT attributes and business success and, based on how your answers compare with average scores, will advise you where to invest in IT.

It is based on data HP collected from 650 global companies about a range of IT characteristics (server capacities, approach to information management, security, BYOD, etc.) and how they correlate to revenue gain. This assessment will compare your answers to the average scores in that study.

There are 12 questions that will require an estimated 10 minutes of your time. You'll receive a summary of your rating upon completion.

Let's get started

Please select an answer.


Your answer:
Your score:
Average score:
Revenue leaders' score:


Please select an answer.



Your score:
Average score:
Revenue leaders' score:

Get detailed results:


Popular tags


Discover Performance Weekly

HP Software’s Paul Muller hosts a weekly video digging into the hottest IT issues. Check out the latest episodes.

Enterprise 20/20

Introduction to Enterprise 20/20

What will a successful enterprise look like in the future?

CIO 20/20

Challenges and opportunities for the CIO of the future.

Employee 20/20

What the workforce of 2020 can expect from IT, and what IT can expect from the workforce.

Data Center 20/20

The innovation and revenue engine of the enterprise.

Dev Center 20/20

How will we organize development centers for the apps that will power our enterprises?

Marketing 20/20

Welcome to a new reality of split-second decisions and marketing by the numbers.

IT Operations 20/20

How can you achieve the data center of the future?

Security 20/20

Preparing today for tomorrow’s threats.

Mobility 20/20

Looking toward the era when everyone — and everything — is connected.

Read more

HP Software related

Most read articles

Discover Performance


Tweets @ HPITperformance