HP warns on the risk of short-sighted security spending

Companies who invest too much of their security budget in perimeter security are placing themselves at risk of major data breaches, according to HP executives.

A group of executives from the company's DVLabs, ArcSight and Fortify security operations told reporters firms should look to spend money evenly throughout the security space in order to best protect their networks.

While many firms invest heavily in protection technologies such as firewalls and intrusion prevention, many fail to properly secure data within the network and maintain proper monitoring and analysis systems, HP warned.

In doing so, they are left vulnerable when an increasingly savvy and capable class of attackers are able to breach the outer wall. Art Gillland, senior vice president for HP software enterprise security products, said that for many firms, an intrusion is a question of "if," not "when".

"It is inevitable that they are going to innovate around this, we are competing against the best in the world and they only have to be right one time," Gilliland said.

"Being able to see the environment, being able to know when adversaries are inside is something we should be investing in."

To that end, HP believes that firms should pay closer attention to securing the interior of their systems and being able to better react when suspicious activity is detected. In adopting such an approach, HP believes that customers will be better equipped to spot dangerous activity and react before a breach can occur.

Among the possible tools for maintaining such a deployment is the use of big data analytics platforms. While many markets only beginning to see the benefits of managing unstructured data, Gilliland said that the benefits of the platform in the security world are already apparent and have been for some time.

"We have been doing big data for years, collecting mass amounts of data, bringing that into a central database and then analysing and correlating those events to find something bad," he explained.

"It is probably the most applied big data platform that we have been using for the last 10 years."